Caution: Important recommendations for controler and data protection!

Controller must never, under any circumstances, be accessible from the Internet!

In particular, the programming ports of the controller must not be accessible under any circumstances from the Internet without protection!

The most important port numbers for all runtime systems are listed below.
By default, they are assigned by the system, but they can be modified by means of the configuration.

  • 1740..1743: UDP block drivers in the gateway and runtime system

  • 11740..11743: TCP block drivers in the gateway and runtime system

  • 1217: Gateway for connecting CODESYS to the gateway

  • 8080: CODESYS web server

  • 443: CODESYS web server (SSL) *

    * 9090: for BeagleBone

  • 4840: CODESYS OPC UA server

If access from the Internet nevertheless has to be possible, then it is imperative that a secure method for the connection to the PLC is selected.
We recommend the following organizational and technical actions for the system where your applications are running.

  • Use additional data link layers for protection, such as a VPN for remote access.
  • Install firewall mechanisms.
  • Restrict access to authorized people.
  • Use high-strength passwords.
  • At commissioning, change any existing default passwords and change them on a regular basis.

Use the security features supported by CODESYS and the respective controller, such as encryption of communication with the controller and intentionally restricted user access.

  • No labels