# Is it dangerous to forward port 25565?



## Telephonekiosk (May 1, 2011)

I'm planning on starting my own Minecraft server, but to do so I must first forward port 25565. Would this put my computer at risk for viruses/hackers?


----------



## lunarlander (Sep 22, 2007)

It all depends on the Minecraft code. Was security a consideration when they coded Minecraft ? For example, did they consider how hackers can attack the server and wrote code to mitigate that ? This is a question that you want to ask the developers on their own forum, if they have one.

In general, running any kind of server is risky, because it exposes a program ( the server ) to the entire internet. Hackers will have 24/7 to play with the server and find security holes. And most of the time you won't know that they are doing it, until they manage to break in. Then you might find clues that a breakin has happened if they created new accounts or installed programs. 

What account does the server run under? If you can, make it run in a standard/limited user account, and not any admin account or system account. So if the server becomes hacked they only gain normal limited account privileges.

If your router has DMZ, place the server PC in the DMZ zone. Note that not all routers implement a true DMZ. A true DMZ is a separate network. So for example, the normal LAN is 192.168.1.xxx, the DMZ would be a separate LAN like 192.168.200.xxx. That way, should the server PC becomes compromised, the hackers can't move on to hack the other PCs in the network. If your router doesnt support this type of DMZ, then go buy 2 routers, one router is for all your family PCs, and the other router is only for the server.


----------

