diff --git a/harden b/harden
index 9ca6119..402b907 100755
--- a/harden
+++ b/harden
@@ -601,6 +601,11 @@ if [[ -n "$OLD_PORTS" ]]; then
     done
 fi
 sudo ufw allow 22100/tcp
+# Reallow the ports that portainer and watchtower use
+# just in case they were removed by the script above
+sudo ufw allow 9443/tcp
+sudo ufw allow 8000/tcp
+sudo ufw allow 8080/tcp
 if [[ "$currentFirewall" == "firewalld" ]]; then
     sudo firewall-cmd --reload
 else