For a web server that requires all connections to be encrypted, port 80 (HTTP) should be disabled. Port 80 is used for unencrypted web traffic, whereas port 443 is used for HTTPS, which provides encrypted communication.
* Port 80 (HTTP): This port is used for unsecured web traffic. Disabling this port ensures that all web traffic must use HTTPS, which encrypts the data in transit.
* Port 443 (HTTPS): This port is used for secure web traffic via SSL/TLS encryption. Keeping this port open ensures that secure connections can be made to the web server.
* Other Ports:
* Port 22: Used for SSH, providing secure remote access and file transfers.
* Port 587: Used for secure email submission (SMTP) with encryption.
Network References:
* CompTIA Network+ N10-007 Official Certification Guide: Discusses the roles and security implications of various ports and protocols.
* Cisco Networking Academy: Provides training on secure web server configuration and port management.
* Network+ Certification All-in-One Exam Guide: Covers port security and best practices for securing web servers.