I just flashed openwrt to a usb stick and plugged it into my Raspberry Pi. Then, from my phone using my wireless provider connection, I did a port scan on my home WAN IP address and it turns out that it detects ports 443 and 53 as open. Why is the default installation of OpenWRT leaving port 53 and 443 open, what is it serving, and what can I do to close these ports and attack vectors?
Thanks
It isn't, you probably did something wrong
How did you do the scan -- did you disable wifi on your phone before running it?
Let's take a look at your firewall configuration to make sure nothing has changed from the defaults.
Also, keep in mind that if you have a device in-front of your OpenWrt Pi such as a modem or modem+router combo it is possible that it is actually the thing that is responding.
Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:
ubus call system board
cat /etc/config/firewall
If your scanning your network from the LAN this is expected behaviour, Your LAN side is trusted and will respond to requests Openwrt will also trust LAN requests to the WAN.
What it will not trust out of the box is unsolicited requests to the WAN from the outside world
Please, check again that you are using the cell connection on the phone instead of the wifi, that the OoenWrt device has received a public IP address instead of a private one, and obviously that you are not using DD WRT again 
.
If you pass all those tests, and you really did not open those ports yourself, I would try to connect to those ports, and see if I connect to the router or if the packets arrive to the router. Your ISP might be interfering with that traffic.