4.3.3.7 Usage of Domain-wide Administration Port for Administrative Traffic

When Oracle WebLogic Server is configured to enable administrative access via the administration port, data is exchanged over SSL, preventing any attacker from sniffing sensitive information about the WebLogic Server configuration.

Furthermore, once the administration port is enabled, WebLogic Server will serve administration requests on a dedicated port with dedicated resources. A denial-of-service attack mounted on the HTTP/HTTPS channels will not prevent administrators from logging into the WebLogic Server administration console to take corrective actions.

Hence, it is recommended to enable the use of the administration port. Additionally, employ firewall rules or WebLogic Connection Filters to restrict access to the administration port to trusted machines from which administrators can log in.
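
As an added illustration (not Oracle's code), the Python sketch below evaluates rules in the `target localAddress localPort action protocols` syntax of WebLogic's default connection filter, where the first matching rule decides and an unmatched connection is permitted, to show why an allow rule for the administration port needs a closing deny rule. The addresses, port 9002 and both rule sets are constructed sample values; the localAddress field is parsed but not matched, and only IP or CIDR targets are handled.

```python
import ipaddress

def parse_rule(line):
    """Split 'target localAddress localPort action [protocols...]' into a dict."""
    target, _local_addr, local_port, action, *protocols = line.split()
    if action not in ("allow", "deny"):
        raise ValueError("unknown action in rule: " + line)
    return {"target": target, "local_port": local_port,
            "action": action, "protocols": [p.lower() for p in protocols]}

def target_matches(target, client_ip):
    """Match '*' or an IP/CIDR target; host-name targets raise ValueError."""
    if target == "*":
        return True
    network = ipaddress.ip_network(target, strict=False)
    return ipaddress.ip_address(client_ip) in network

def decide(rules_text, client_ip, port, protocol):
    """Return 'allow' or 'deny' for one connection attempt."""
    for line in rules_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and comment lines are skipped
        rule = parse_rule(line)
        if (target_matches(rule["target"], client_ip)
                and rule["local_port"] in ("*", str(port))
                and (not rule["protocols"] or protocol.lower() in rule["protocols"])):
            return rule["action"]  # first matching rule wins
    return "allow"  # no rule matched: the connection is permitted

# Constructed rule sets. 9002 is an assumed administration port value.
WEAK = """
# trusted administrator workstation
192.0.2.10 * 9002 allow t3s https
"""
HARDENED = WEAK + "0.0.0.0/0 * 9002 deny\n"

if __name__ == "__main__":
    for name, rules in (("weak", WEAK), ("hardened", HARDENED)):
        verdict = decide(rules, "203.0.113.5", 9002, "https")
        print(name, "rules, untrusted host on admin port:", verdict)
```

With the weak rule set the untrusted host is still admitted because nothing matches it; the hardened set denies it while leaving other ports unaffected.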

Note that the administration port requires that SSL be enabled, including on every Managed Server. Additionally, the administration port will be common across all Managed Servers in the domain.

Further details on configuring the administration port can be found in the Administration Console Online Help guide in the Oracle WebLogic Server documentation.