Lavasoft FAQ pages

How do I close an open port?

Before closing a port, ensure that it is actually open.

You should also determine whether the port is used by an application or the system in order to select the appropriate way to close it. This information is displayed on the Open Ports (Used Ports) page.

If you see that an application is using the port and you want to block the connection of the application through this port, you need to create a rule for this particular application.

If the port is opened by the system or you cannot identify which application opened it, it is possible to close the port globally. However, you should remember that closing a port globally may have negative consequences, because legitimate network activity might be blocked as well.

To close an open port for a specific application:

* Make sure Personal Firewall is not running in Disabled or Allow Most mode.
* Open Personal Firewall's main window and click Used Ports in the left panel.
* Look down the Local port column of the information panel and search for the port number you want to close, for example "XYZ".
* Right-click the process using that port in the Process Name:Process ID column. Select Create Rule for Application to create a rule for the application that opens this port. Personal Firewall fills in all the required data automatically; you only need to specify the action to be performed when the rule is triggered.
* In the Rule transcript field, click the keyword of the rule action and select Block. You can optionally select Report this activity in the Specify rule options field.
* Name the rule in the Rule name field so that you can recognize it later, and click OK to save the rule. You should now see the new rule in the list of the application rules (Settings > Network Rules, double-click the application in the list). Important: If there are other rules for the same application, select the rule you have created and click the Move up button until the rule appears at the top of the list. Click OK and then Apply.
* Verify that the port scanner cannot detect the port.

To close an open port for the whole system:

* Make sure Personal Firewall is not running in Disabled or Allow Most mode.
* Click Settings > Network Rules > System-Wide Rules > Low-Level Rules.
* Click Add to create a new rule.
* In the Rule transcript field click the IP keyword in the Where the protocol is line and specify the TCP protocol.
* In the Select the event the rule will handle field select the Where direction is and Where local port is events.
* In the Rule transcript field click the Undefined keyword next to and direction is and specify the Inbound connection direction.
* In the Rule transcript field click the Undefined keyword next to and local port is and specify the port number.
* In the Rule transcript field click the keyword of the rule action and select Block.
* In the Specify rule options field select Mark rule as High Priority. You can optionally select Report this activity as well.
* Name the rule in the Rule name field so that you can recognize it later, and click OK to save the rule.
* You should now see the new rule in the list of low-level rules.
* Verify that the port scanner cannot detect the port.

Note: Not every port should be blocked. For example, if you are operating a web/FTP server for public use, the ports used by the server need to be open so that your server can be accessed, and a port scanner will (and should) detect these ports as open. If these ports are closed, your users will not be able to "see" your web/FTP server. Also, be aware that some ports can be blocked by your Internet provider (for example, 139, 137, 135, 80), which may cause an online scan of those ports to report incorrect results.
