Should I still use port 80 if I have HTTPS?

Yes. Even with HTTPS, you should keep port 80 open to redirect HTTP requests to HTTPS. Users who type your domain without 'https://' will connect on port 80 first. Port 80 is also required for Let's Encrypt HTTP-01 challenges to issue and renew SSL certificates. Use a server-level 301 redirect from port 80 to port 443.

Why does port 80 require root access to bind?

Ports below 1024 are 'privileged ports' on Unix/Linux systems and require root access to bind. This prevents unprivileged users from impersonating system services. You can use 'setcap' to grant specific binaries the capability, use a reverse proxy, or run behind a load balancer that handles port 80.

Is port 80 TCP or UDP?

Port 80 primarily uses TCP for HTTP traffic. HTTP/3 (QUIC) uses UDP on port 443, not port 80. Standard HTTP/1.1 and HTTP/2 connections always use TCP. The IANA registers both 80/tcp and 80/udp, but only TCP is used in practice for web traffic.

Port 80 - HTTP Web Traffic

Q: How do I check if port 80 is open?

From a remote machine: 'nc -zv hostname 80', 'curl -I http://hostname', or 'nmap -p 80 hostname'. On the server: 'sudo ss -tlnp | grep :80' or 'sudo lsof -i :80'. On Windows: 'netstat -ano | findstr :80'. If port 80 is blocked, check your firewall rules (ufw, iptables) and cloud security groups.

Protocol	TCP
Service	HTTP (Web)
Encrypted	No
IANA Status	Official

What is Port 80?

Port 80 is the default port for HTTP (Hypertext Transfer Protocol) traffic. When you visit a website using http://, your browser connects to port 80 unless otherwise specified.

Why Port 80?

Historical default: Assigned by IANA in the early days of the web
No port needed in URLs: http://example.com = http://example.com:80
Privileged port: Ports below 1024 require root/admin to bind

Security Considerations

HTTP is unencrypted

Data sent over port 80 can be intercepted. Always redirect to HTTPS (port 443) for production websites.

Common Uses

Redirecting HTTP to HTTPS
Let's Encrypt ACME challenges
Health checks behind load balancers
Internal services on private networks

Server Configuration

Nginx - Redirect to HTTPS

server {
    listen 80;
    server_name example.com;
    return 301 https://$server_name$request_uri;
}

Apache

<VirtualHost *:80>
    ServerName example.com
    Redirect permanent / https://example.com/
</VirtualHost>

Check if port 80 is in use

# Linux/macOS
sudo lsof -i :80
sudo ss -tlnp | grep :80

# Windows
netstat -ano | findstr :80

Troubleshooting

Port already in use: Check for Apache, Nginx, or other web servers
Permission denied: Need root/sudo to bind to port 80
Firewall blocking: Open port 80 in iptables/ufw

How to Check if Port 80 is Open

These commands help you verify port 80 accessibility from both the client and server side.

# From a remote machine — test connectivity
nc -zv example.com 80              # Netcat
curl -I http://example.com         # HTTP headers only
nmap -p 80 example.com             # Nmap scan
telnet example.com 80              # Telnet

# On the server — check what's listening
sudo ss -tlnp | grep :80
sudo lsof -i :80
sudo netstat -tlnp | grep :80

# Check firewall rules
sudo ufw status | grep 80
sudo iptables -L -n | grep 80

Port 80 vs Port 443

Understanding the relationship between HTTP (port 80) and HTTPS (port 443) is essential for web server configuration.

Feature	Port 80	Port 443
Protocol	HTTP	HTTPS (TLS)
Encrypted	No	Yes
Certificate needed	No	Yes (SSL/TLS)
Modern use	Redirect to 443	All web traffic

Monitoring Port 80 with UptimeSignal

Even though most production traffic uses HTTPS, monitoring port 80 is still valuable. A broken HTTP-to-HTTPS redirect means visitors see errors instead of your site. UptimeSignal can monitor both your HTTP redirect on port 80 and your HTTPS endpoint on port 443 to ensure your entire web stack is functioning correctly.

Frequently Asked Questions

What runs on port 80?

Port 80 is the default port for HTTP web traffic. Web servers like Nginx, Apache, Caddy, and Microsoft IIS listen on port 80 to serve web pages. In modern deployments, port 80 primarily handles redirects to HTTPS (port 443) and Let's Encrypt ACME HTTP-01 certificate validation challenges. Internal services behind load balancers may also use port 80 for health checks.

Should I close port 80 if I have HTTPS?

No, keep port 80 open. Users who type your domain without https:// will connect on port 80 first. If it's closed, they'll see a connection error instead of being redirected to HTTPS. Port 80 is also required for Let's Encrypt HTTP-01 challenges. Configure your server to return a 301 redirect from port 80 to port 443.

How do I check if port 80 is open?

From a remote machine, use nc -zv hostname 80, curl -I http://hostname, or nmap -p 80 hostname. On the server itself, run sudo ss -tlnp | grep :80 to see if a web server is listening. Check your site status with our free tool.

Why does binding to port 80 require root?

On Unix/Linux, ports below 1024 are privileged and require root access to bind. This prevents unprivileged users from impersonating system services. Workarounds include using setcap 'cap_net_bind_service=+ep' /path/to/binary, running behind a reverse proxy like Nginx, using authbind, or deploying behind a load balancer.

Is HTTP over port 80 still safe for any use?

HTTP on port 80 is acceptable for internal services on trusted networks, health check endpoints behind load balancers, and local development. For anything on the public internet, always use HTTPS on port 443. Browsers now flag HTTP pages as "Not Secure," and Google ranks HTTPS sites higher in search results.

Port 80: HTTP Web Traffic