Alibaba Cloud provides a comprehensive set of global cloud computing services to power Alibaba’s eCommerce ecosystem and other online businesses. Since 2009, Alibaba Cloud has been one of the leading providers of Artificial Intelligence (AI) and cloud computing. Alibaba Cloud offers cloud computing resources and services to thousands of government organizations, developers, and enterprises in more than 200 regions.
Users can use firewalls to implement access control on simple application servers and define security domains in the Alibaba Cloud. This tutorial describes the port information preset by the firewall feature, adds firewall rules for a simple application server, and enables TCP port 25 on an Alibaba Cloud server.
The firewall of each simple Alibaba Cloud application server allows traffic on HTTPS port 443, HTTP port 80, and Secure Shell (SSH) port 22 and denies traffic on the other ports by default. Users can add firewall rules to allow traffic on more ports in Alibaba Cloud.
Add a Firewall Rule
In order to add a firewall rule in the Alibaba Cloud, follow the below steps:
1. First, log in to the Simple Application Server console.
2. Next, click the Servers option from the left-side navigation panel.
3. Find the simple application server that the user wants to add a firewall rule, and click the server card.
4. Choose Security >> Firewall from the left-side navigation panel.
5. If the user has never added firewall rules for the server, they can find only ports 22, 80, and 443, which is allowed by default on the Firewall page.
6. On the Firewall page, click the Add Rules button in the upper-right corner.
7. On the Add Firewall Rule dialogue box, configure application Type, Protocol, and Port Range parameters.
The following table describes the parameters.
| Parameter | Description |
| Application Type | Users can select the Customize option from the Application Type drop-down list to customize a firewall rule, or users can choose another value from the drop-down list to use a preset firewall rule.
|
| Protocol |
|
| Port Range | When the user has selected a preset firewall rule, a port range is automatically updated and does not need to be manually entered. When the user has chosen the customized firewall rule, they must specify this parameter. Valid values: 1 to 65535. Users can use one of the below methods to set this parameter:
|
| Remark | Enter a brief description of the firewall rule to facilitate subsequent management in this field. |
>> Note: Users can click the +Add Rules button to add more rules.
After the user has added firewall rules, they can view the added rules on the Firewall page, as shown below.
8. Finally, click the OK button.
Port Information Preset in Firewalls
Some of the port information present in firewalls of an Alibaba Cloud server is:
| Application Type | Protocol | Port Range | Description |
| HTTPS | TCP | 443 | The default HTTPS port. |
| HTTP | TCP | 80 | The default HTTP port. |
| SSH | TCP | 22 | The default SSH port. |
| FTP | TCP | 21 | The default FTP port. |
| TELNET | TCP | 23 | The default Telnet port. |
| MySQL | TCP | 3306 | The default MySQL port. |
| All TCP | TCP | 1 to 65535 | All TCP ports. |
| All UDP | UDP | 1 to 65535 | All UDP ports. |
| All UDP and TCP | UDP + TCP | 1 to 65535 | All UDP and TCP ports. |
Request to Enable TCP Port 25
For security purposes, the Alibaba Cloud server blocks outbound traffic transmitted through TCP port 25. Therefore, users cannot use Alibaba Cloud instances to access external addresses through TCP port 25. In order to enable TCP port 25, follow the below steps:
1. First, log in to the Alibaba Cloud Security Control console.
2. Select Application >> Open Port 25. On the page that appears, click the Apply button to open Port 25 in the upper-right corner.
3. Select an IP address type, and fill out the following application form. Set the following parameters in the application form:
- Enter IP: Enter the IP address of the instance for which the user wants to enable port 25. The IP address must be a public IP address of an Alibaba Cloud server instance that belongs to the current Alibaba Cloud account.
- Enter a domain name: Enter the domain name of the mail server for which the user wants to enable TCP port 25.
4. Then, click the OK button.
5. Tick the Agreed “Terms Governing the Use of Port TCP 25” option and click the Next button.
6. On the next page, fill out the application form and describe the use of TCP port 25 in detail. On the application form, set the following parameters:
- Type of email to send: Mention the type of emails that the user wants to send from the Alibaba Cloud server connected to TCP port 25 in this field.
- Number of emails to send per day: Enter the number of emails that the user wants to send from the Alibaba Cloud server connected to TCP port 25 in this field.
- Include an unsubscribe function: Choose whether the server is connected to TCP port 25 that offers the unsubscription service.
- Usage Description: Enter the purposes of the user’s application in detail.
7. Finally, click the OK button to submit the user’s application.
Conclusion
This tutorial presents the steps to manage the firewall and enable TCP port 25 on an Alibaba Cloud server. Hope this tutorial was helpful, and do reach out to us if you have any queries or suggestions.
