FREE TOOL

Open Port Scanner

Scan any domain for commonly open ports. Identify running services like HTTP, HTTPS, SSH, FTP, SMTP, and database servers in seconds.

What is port scanning?

Port scanning probes a server to discover which network ports are accepting connections. Each open port indicates a running service. For example, port 443 means HTTPS is active, port 22 means SSH is listening, and port 3306 means a MySQL database may be exposed. Understanding your open ports is a fundamental part of security assessment.

Why check for open ports?

Every open port is a potential entry point for attackers. Database ports (3306, 5432) should never be publicly accessible. Administrative services like SSH (22) should be restricted to specific IP ranges. Unnecessary open ports increase your attack surface and can expose sensitive services to the internet.

How to secure open ports

Use a firewall to block all ports except those required for your services. Move administrative services like SSH to non-standard ports or restrict them by IP. Ensure database ports are only accessible from your application servers, not the public internet. Regularly audit your open ports and disable services you no longer need.

FAQ

Frequently asked questions

Is this port scanner free?+

Yes, completely free. No signup or credit card required. Scan any public domain for common open ports instantly.

Which ports does this tool check?+

This tool scans 11 commonly targeted ports: HTTP (80), HTTPS (443), SSH (22), FTP (21), SMTP (25), Submission (587), IMAPS (993), MySQL (3306), PostgreSQL (5432), and alternate HTTP ports (8080, 8443). These cover the most frequently exposed services.

What does the grade mean?+

The grade reflects how many non-essential ports are open. An A means only expected web ports (80/443) are open. Lower grades indicate additional services are publicly reachable, which increases your attack surface. Database and admin ports being open will significantly lower the grade.

Is port scanning legal?+

Scanning your own domains and servers is legal and a standard security practice. Scanning third-party systems without authorization may violate computer fraud laws in some jurisdictions. This tool performs a lightweight check of common ports only.

FULL SECURITY AUDIT

Open Port Scanner is just the start.

CQwerty Shield checks SSL, DMARC, SPF, DNS, HTTP headers, WHOIS, breach intel, and more — with CVE/KEV cross-references on every finding.

Free full scan — no signup