Instadev
MySQL & C++ Developer
banned
LEVEL 2
90 XP
Hey guys. Today we will go through all the possible (default) server ports you might need to handle as a server owner, what for, and how to "unlock" them to be publically accessible.
First and foremost, we need to establish a certain terminology. This is a thread about port-forwarding, which basically means granting people from outside the server access to these ports. That being said, it will also unlock the ability to get attacked, which is another thread on its own, related to "dosing".
It is important to note that at any given moment you can be dosed, so trying to avoid it might bring you SOME luck but it is advised to consult with people who deal with dosing professionally for more solutions in that regard. This is a simple explanation thread meant for those who have no "enemies" online.
The defaults
Worldserver: 8085
Authserver: 3724
MySQL: 3036
SOAP (Simple Object Access Protocol): 7878
RA (Remote Access): 3443
Public port test site: here.
For starters, how do I make my server public?
That's very simple. If you're in a production environment (Windows Server in our case), you will already have access to your public IP address. In case we don't, we'll go to
Step 1: get your public IP address
Step 2: open up the control panel and head over to "Windows Defender Firewall":
Step 3: head over to "Advanced Settings" on the left side:
Step 4: go to "Inbound Rules":
Step 5: add a new rule:
Step 6: select "port" and hit next:
Step 7: keep TCP selected & type your specified ports. The default to run a public server should be 3724 (authserver) and 8085 (worldserver). We'll use a comma (,) to separate these two ports
Step 8: hit next, confirm the connection, and next again until we see the "name" section:
What's next?
Next up is to mask our IP address with a logon subdomain, which will "convert" our IP address into a memorable address and not just a bunch of numbers. That's called masking.
A step deeper
What does port-forwarding mean?
Port-forwarding means allowing for public access to this port to whoever has your IP address (or in many cases, as it is often referenced as "logon.domainname.com") for a certain service (which is being handled by whatever application is currently using the port I allow publically).
For example, I have two programs, one of them is an automatic backup uploading software, and a TrinityCore server. If both of them use the same port, I will need ONE of them to be offline while the other one works. In reality, they can't coexist if they are to function in sync with each other. However, if I intend to launch them independently, they will perform their duties based on a single port, which will give the port 2 different meanings, depending on the time of each day.
Since we often want things to run in sync with each other, we open more ports. This is a perfect example of servers with more than 1 server.
To open a server with 2+ realms, you will need additional ports (often using 8085+1 = 8086).
What if I have two IPs?
You can set up two different servers entirely based on one single machine split into two different IPs, each server takes a different IP. It all ends up with the configs & database settings.
What does Authserver have
Authserver is the application that stores the realmlist table, which as you recall, is where you set up all your connection settings in conjunction with the configs:
By having this application up & running (as a side note, I've never encountered an authserver crash) you allow players the ability to view your public realms.
How do you know which realm is public?
If assuming you have multiple realms, you can set only one of them as publically available while keeping another realm entirely hidden. That is not what a test realm is for, though. It will not be accessible to anyone, even you if you are using a remote server!
It's simple. At this point, the default ports play a huge role. Once you open up your WoW client, a few things are happening:
WoW client is getting the address from the realmlist.wtf file (which is where you set up different servers' realmlist & connect to different servers).
WoW client has resolved the realmlist's IP address and is now sending checkup packets: which port is the authserver, which will forward him to the available realms (worldservers).
From there, each realm will be presented and let the player choose which realm he wishes to connect to.
If I want to let someone get access to my database?
-- to be updated, need to go --
What if I want to enable SOAP / RA on my server?
Repeat the same process as you have with the beginning of this thread but use the listed ports for SOAP/RA. Use the provided site to test if they're up.
Search in the configs for SOAP/RA enable/disable settings and their default port in case it's different for whatever reason on your configs.
Please note: these settings are not adjustable with .reload config and require a thorough restart. If you encounter any crashes it's because you are already using one of these ports, so be sure your default ports are clear for the job.
In order to access the login verification step, you must have port 3274 open.
In order to access the available realm(), you must have port 8085 (and any other ports you've setup in advance) open.
If you have more than 1 realm, you must have any custom port you set up in the auth.realmlist table & worldserver.conf! Be sure you port that custom port forward as well.
Note: it is common to have ports 8085, 8086, and 8087 open if you want to have 3 realms. Basically, 8085+1 & onwards.
It is very practical to replace each of the following ports with your own custom ones, but the default ports are working just fine, so might as well take advantage of it.
First and foremost, we need to establish a certain terminology. This is a thread about port-forwarding, which basically means granting people from outside the server access to these ports. That being said, it will also unlock the ability to get attacked, which is another thread on its own, related to "dosing".
It is important to note that at any given moment you can be dosed, so trying to avoid it might bring you SOME luck but it is advised to consult with people who deal with dosing professionally for more solutions in that regard. This is a simple explanation thread meant for those who have no "enemies" online.
The defaults
Worldserver: 8085
Authserver: 3724
MySQL: 3036
SOAP (Simple Object Access Protocol): 7878
RA (Remote Access): 3443
Public port test site: here.
For starters, how do I make my server public?
That's very simple. If you're in a production environment (Windows Server in our case), you will already have access to your public IP address. In case we don't, we'll go to
Step 1: get your public IP address
Step 2: open up the control panel and head over to "Windows Defender Firewall":
Step 3: head over to "Advanced Settings" on the left side:
Step 4: go to "Inbound Rules":
Step 5: add a new rule:
Step 6: select "port" and hit next:
Step 7: keep TCP selected & type your specified ports. The default to run a public server should be 3724 (authserver) and 8085 (worldserver). We'll use a comma (,) to separate these two ports
Step 8: hit next, confirm the connection, and next again until we see the "name" section:
What's next?
Next up is to mask our IP address with a logon subdomain, which will "convert" our IP address into a memorable address and not just a bunch of numbers. That's called masking.
A step deeper
What does port-forwarding mean?
Port-forwarding means allowing for public access to this port to whoever has your IP address (or in many cases, as it is often referenced as "logon.domainname.com") for a certain service (which is being handled by whatever application is currently using the port I allow publically).
For example, I have two programs, one of them is an automatic backup uploading software, and a TrinityCore server. If both of them use the same port, I will need ONE of them to be offline while the other one works. In reality, they can't coexist if they are to function in sync with each other. However, if I intend to launch them independently, they will perform their duties based on a single port, which will give the port 2 different meanings, depending on the time of each day.
Since we often want things to run in sync with each other, we open more ports. This is a perfect example of servers with more than 1 server.
To open a server with 2+ realms, you will need additional ports (often using 8085+1 = 8086).
What if I have two IPs?
You can set up two different servers entirely based on one single machine split into two different IPs, each server takes a different IP. It all ends up with the configs & database settings.
What does Authserver have
Authserver is the application that stores the realmlist table, which as you recall, is where you set up all your connection settings in conjunction with the configs:
By having this application up & running (as a side note, I've never encountered an authserver crash) you allow players the ability to view your public realms.
How do you know which realm is public?
If assuming you have multiple realms, you can set only one of them as publically available while keeping another realm entirely hidden. That is not what a test realm is for, though. It will not be accessible to anyone, even you if you are using a remote server!
It's simple. At this point, the default ports play a huge role. Once you open up your WoW client, a few things are happening:
WoW client is getting the address from the realmlist.wtf file (which is where you set up different servers' realmlist & connect to different servers).
WoW client has resolved the realmlist's IP address and is now sending checkup packets: which port is the authserver, which will forward him to the available realms (worldservers).
From there, each realm will be presented and let the player choose which realm he wishes to connect to.
If I want to let someone get access to my database?
-- to be updated, need to go --
What if I want to enable SOAP / RA on my server?
Repeat the same process as you have with the beginning of this thread but use the listed ports for SOAP/RA. Use the provided site to test if they're up.
Search in the configs for SOAP/RA enable/disable settings and their default port in case it's different for whatever reason on your configs.
Please note: these settings are not adjustable with .reload config and require a thorough restart. If you encounter any crashes it's because you are already using one of these ports, so be sure your default ports are clear for the job.
In order to access the login verification step, you must have port 3274 open.
In order to access the available realm(), you must have port 8085 (and any other ports you've setup in advance) open.
If you have more than 1 realm, you must have any custom port you set up in the auth.realmlist table & worldserver.conf! Be sure you port that custom port forward as well.
Note: it is common to have ports 8085, 8086, and 8087 open if you want to have 3 realms. Basically, 8085+1 & onwards.
It is very practical to replace each of the following ports with your own custom ones, but the default ports are working just fine, so might as well take advantage of it.
