Docker (unencrypted)
What is Port 2375?
Port 2375 is the default port for the Docker daemon API without TLS encryption. The Docker daemon exposes a RESTful API that allows remote management of containers, images, networks, and volumes. When configured to listen on port 2375, anyone who can reach this port can execute any Docker command — pulling images, creating containers, mounting host volumes, and effectively gaining root access to the host system. Docker uses this port for unencrypted communication between Docker clients and the daemon. In development environments, Docker Machine historically configured remote Docker hosts to listen on this port for easy management.
Common Uses
- Docker daemon remote API access (development only)
- Docker Swarm node communication (legacy)
- Container orchestration tool integration
- CI/CD pipeline Docker access
Technical Details
Copy-paste commands to check port 2375 (Docker (unencrypted)) from your terminal
Test connectivity
nc -zv example.com 2375
curl -v --max-time 5 http://example.com:2375/
telnet example.com 2375
nmap -p 2375 -sV example.com
(echo > /dev/tcp/example.com/2375) 2>/dev/null && echo "open" || echo "closed"
Open port in firewall
sudo ufw allow 2375/tcp
sudo iptables -A INPUT -p tcp --dport 2375 -j ACCEPT
sudo firewall-cmd --permanent --add-port=2375/tcp && sudo firewall-cmd --reload
Security Considerations
Exposing port 2375 is equivalent to giving root access to anyone who can connect. NEVER expose this port to the internet or untrusted networks. Thousands of exposed Docker daemons on port 2375 have been compromised for cryptocurrency mining. Always use port 2376 with TLS mutual authentication. Use Unix sockets for local Docker access. If remote access is needed, use SSH tunneling or Docker contexts with TLS.
Popular Ports Reference
The most commonly used and referenced network ports