Microsoft Small Business Server (SBS) 2003 provides a host of Web-based resources for both internal and external users. All external access to server resources must use Secure HTTP (HTTPS) connections. To enable incoming internal sessions, open port 80. To enable external access to resources, open port 443. Table A identifies the additional ports you need to open to enable remote access to other SBS services. To prevent access problems, the basic firewall UI doesn't let you change the standard port numbers, with the exception of the port assigned to the Remote Web Workplace (TCP port 4125).

To reduce the attack surface for the automated bots that continually probe Internet systems, consider changing the default HTTP port from 80 to an unassigned port such as 83, 8080, or 8088. If you change the HTTP port number, users must enter the port number after the URL (e.g., http://genesis.net-doctor.org:83). You can't use a GUI to make this modification, so you'll need to modify the HTTP port number in the registry and in IIS.