1. Ports
  2. Port 2087

Port 2087: WHM (WebHost Manager) — The back door of shared hosting

What This Port Is

Port 2087 sits in the registered port range (1024-49151), the territory where software vendors claim ports by convention rather than assignment. IANA has no official service listed here.1

What actually runs on it: WebHost Manager (WHM), the server administration interface bundled with cPanel. If you've ever managed a shared or VPS hosting account, you've likely pointed a browser at https://your-server:2087 and logged in as root.

The cPanel Port Cluster

cPanel carved out four adjacent ports for its services:

PortProtocolService
2082HTTPcPanel (unencrypted)
2083HTTPScPanel (SSL)
2086HTTPWHM (unencrypted)
2087HTTPSWHM (SSL)

Port 2087 is the one you actually want to use. WHM over plain HTTP (2086) exists but sends credentials in cleartext. Use 2087.

Why a Separate Port at All

Web servers claim ports 80 and 443. If WHM ran there too, you'd have a conflict -- the web server and the admin panel fighting over the same socket. cPanel solved this by picking high-numbered ports that nothing else was using, setting them as defaults, and moving on.

Nobody officially approved 2087. cPanel chose it, documented it, and the entire shared hosting industry adopted it. HostGator, Bluehost, Namecheap, A2 Hosting -- they all open 2087 because cPanel says to.2

This is how informal port allocation actually works. You pick something, ship it, and if enough people use your software, the port becomes yours by sheer momentum.

What to Do If You See This Port Open

On a hosting server: expected. WHM is there.

On anything else: investigate. An open 2087 on a machine that isn't a cPanel server is unusual. Check what's listening:

# Linux
ss -tlnp | grep 2087

# macOS
lsof -i :2087

# Windows
netstat -ano | findstr :2087

Security Considerations

WHM is powerful -- it controls everything on the server. If you're running cPanel:

  • Restrict port 2087 to trusted IP addresses in your firewall
  • Never leave it exposed to the public Internet if you can help it
  • Always use the SSL version (2087, not 2086)
  • Enable two-factor authentication in WHM

Exposed WHM ports are a common target for brute-force attacks. Attackers know that 2087 probably means a root-level admin interface.

The Broader Pattern

Port 2087 illustrates something real about how the Internet works. The formal registry matters, but it isn't the whole story. Widely deployed software creates its own facts on the ground. IANA says unassigned. A few million hosting servers disagree.

Frequently Asked Questions

पिछला

Port 2086: The Unregistered Front Door to the Web Hosting World

अगला

Port 2088: IP Busy Lamp Field — The Port for the Little Light on Your Desk Phone

क्या यह पृष्ठ सहायक था?

😔
🤨
😃
Port 2087: WHM (WebHost Manager) — The back door of shared hosting • Connected