← Back to all network ports
TCP
Vulnerable

9200 Elasticsearch

Elasticsearch exposes REST APIs and cluster management features on port 9200.

Security Context

Port 9200 is high-risk when broadly exposed. Treat it as an attack-surface decision, not just a connectivity setting, and confirm whether the listener truly needs to be reachable.

  • !Unprotected Elasticsearch clusters have a long history of public data exposure.

Nmap Check

Use a version probe first so you confirm whether the expected service is really what is listening on this port.

nmap -sV -p 9200 <host>

Firewall Commands

UFW
sudo ufw allow 9200/tcp
iptables
sudo iptables -A INPUT -p tcp --dport 9200 -j ACCEPT

Related TCP Ports

20
FTP Data
21
FTP Control
22
SSH / SFTP
23
Telnet
25
SMTP
80
HTTP