Web Server Ports: HTTP (80), HTTPS (443), and Alternatives

Web Server Port Numbers

Web servers are the backbone of the internet, and understanding their port numbers is essential for any developer or system administrator.

Port 80 — HTTP

Port 80 is the default port for unencrypted HTTP traffic. When you type a URL like http://example.com into your browser, it connects to port 80 on the server. While HTTP is still used, most modern websites redirect port 80 traffic to HTTPS on port 443.

Port 443 — HTTPS

Port 443 is the default port for HTTPS (HTTP over TLS/SSL). All modern websites should serve traffic over HTTPS to encrypt data in transit. Browsers display a lock icon for HTTPS connections and warn users about HTTP sites.

Port 8080 — Alternative HTTP

Port 8080 is the most common alternative HTTP port. It is frequently used for:

• Development servers (webpack-dev-server, React development)
• Proxy servers (Apache, Nginx reverse proxy)
• Application servers running behind a load balancer
• Testing environments when port 80 is already in use

Port 8443 — Alternative HTTPS

Port 8443 serves as an alternative HTTPS port, commonly used by:

• Java application servers (Tomcat, WildFly)
• Admin interfaces that run alongside the main web server
• Development environments requiring TLS

Firewall Configuration

When configuring firewalls, always allow ports 80 and 443 for web servers. For internal services, restrict alternative ports (8080, 8443) to trusted networks only.

# Allow web traffic with iptables
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j ACCEPT