Skip to content
Pricing RU Sign In
RU

Port 502 — Modbus TCP

By · Updated
Key idea:

TCP/502 is the standard port for Modbus TCP, an industrial protocol for PLCs (Programmable Logic Controllers) and SCADA systems. No built-in auth or encryption — originally designed for isolated OT networks. Exposing 502 to the internet is catastrophic (Shodan lists 20k+ exposed Modbus devices). Fix: IP whitelist + VPN, or proxy through Modbus Secure (TCP/802).

Below: details, example, related, FAQ.

Try it now — free →

Details

  • Protocol: Modbus/TCP (no RFC, de-facto standard from Schneider Electric 1999)
  • Function codes: 03 read holding, 06 write register, 16 write multiple
  • Security: no auth, no TLS (Modbus/TCP Security on port 802 adds it)
  • Shodan query: port:502 — publicly scanned
  • Detection: Nmap --script modbus-discover

Example

# Check if the port is open
$ nc -zv 192.168.1.10 502

# Nmap scan
$ nmap -p 502 --script modbus-discover 192.168.1.10

# Python pymodbus — read registers
from pymodbus.client import ModbusTcpClient
client = ModbusTcpClient('192.168.1.10', port=502)
resp = client.read_holding_registers(0, count=10)
print(resp.registers)

Related

Related guides

ICMP PingHost availability and latency
Port ScannerOpen TCP port detection
LatencyResponse time in milliseconds
Packet LossPercentage of dropped packets

Why teams trust us

ICMP+TCP
check protocols
14
key ports scanned
<2s
result
3
regions

How it works

1

Enter IP or domain

2

ICMP packets sent

3

Latency & packet loss shown

How Do Ping and Port Scanning Work?

Ping sends ICMP packets to a host and measures response time. Port scanning checks which TCP ports are open and accepting connections — helping diagnose serviceavailability issues.

Configurable Ping

Choose packet count (3, 4, 6, 10). Stats: min/avg/max latency and packet loss.

Common Port Scanner

Check 14 key ports: HTTP, HTTPS, SSH, FTP, SMTP, MySQL, PostgreSQL, and more.

Cloud-Based Check

Testing from our server — see site availability from outside, not just your local network.

Uptime Monitoring

Need constant monitoring? Create a monitor — checks every minute with notifications.

Who uses this

DevOps

availability diagnosis

Network engineers

TCP port scanning

Developers

connection debugging

SRE

basic health check

Common Mistakes

ICMP blocked = server is downMany servers block ICMP. Ping fails but site works — check ports instead.
High ping = server problemLatency depends on geography. 150ms between continents is normal, not an error.
Closed ports — cause for alarmClosed ports of unused services are good. Unnecessary open ports are a risk.
One check = sufficientNetworks are unstable. A single timeout ≠ a problem. Check multiple times or set up monitoring.

Best Practices

Combine ping and port checksPing shows host availability, ports show specific service availability. Use both.
Check from different locationsThe problem may be local. A cloud test shows the real picture.
Close unused portsEvery open port is a potential attack vector. Keep only necessary ports open.
Set up monitoringManual checks do not scale. Set up automated monitoring with notifications.

Get more with a free account

Ping check history, host availability monitoring and downtime alerts.

Sign up free

Related tools

TracerouteDNS LookupWHOISSSL Check

Frequently Asked Questions

Why care?

If you run industrial automation (factory, energy, water) this is a key ICS port. A leak has physical consequences (stopping a pipeline).

Safe to expose to the internet?

Never in plain-text. Either VPN or Modbus Secure (802) with TLS.

Alternative?

OPC UA (4840) — modern, secure, structured data. New projects pick it.

Start monitoring for free

Sign up and get access to API, monitoring and notifications

Create Account API Documentation