WAF open ports by default


I have a website I just launched and a security team performed a penetration test. The report identified Ports 2052, 2053, 2082, 2083, 2086, 2087, 2095, 2096,8880 as open and unfiltered. This is a commercial website and based on my research, Cloudflare keeps these open by default. I am concerned about my sites security and I am being told these need to be closed. Am I at risk leaving these open? There isnt much information as to what these ports are for.

Thank you,


I believe that the security team probably utilized an automated scanner on your website.
It is important to note that having open ports is not necessarily a security concern in most cases. If the security team has identified this as a potential risk, they should be able to provide a clear explanation and evidence to support their claim.

A port is like a doorway for data to come in and out of a computer or network. When a port is open, it means that data can flow through it. Having an open port is not inherently a security risk.


Inam being told that open ports can be exploited and those not in use should be shut down as to decrease a hackers attack surface. Is that not true?

Are you using any apps/services on those specific Cloudflare open ports or not? If not, no worry.

Otherwise, if concern, creating a Firewall Rule to allow only traffic/requests on 443 while showing a “1020 block firewall page” can be configured and considered.

You cannot close those ports, only block requests to them, if so.

Helpful article:

Example for cPanel case:

1 Like

Thank you for your response and information,

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.