Why are ports 53 and 5353 opened? (security context)

rds13 · November 20, 2025, 10:19am

What type of hardware are you using: VPS bought online
What YunoHost version are you running: 12.1.29
How are you able to access your server: SSH
Are you in a special context or did you perform specific tweaking on your YunoHost instance ?: No tweaking

Describe your issue

Hello,
This subject has been discussed in … 2020! (Why are ports 53 and 5353 opened?)
The discussion was on the functional aspects.
Today I want to discuss the security motivations.
To my understanding using the yunohost server as a DNS server is not mainstream. The people that use Yunohost in that way need to have some technical knowledge.
That’s why I think in the default configuration ports 53 and 5353 should be closed.
For the port 5353 the default could be opened only if a .local domain has be configured as the main domain.
The default configuration should focus on security.

What do you think?

Share relevant logs or error messages

No relevant.

Aleks · November 20, 2025, 1:07pm

Yeah, port 53 should probably be closed and port 5353 only avalable on local network IP ranges

jarod5001 · November 20, 2025, 1:29pm

They are closed unless you install adguard home for example

system · December 20, 2025, 1:29pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.