When you install an SSL certificate, one of the steps is to select port 443 – the default port for the HTTPS connection. But what exactly does a port do? And why is it numbered like that? This article provides the answers.
What is a port?
In simple terms, a port in networking is a software-defined number associated with a network protocol that receives or transmits communications for a specific service. Ports ensure the network connections arrive in the right place, and the traffic remains steady.
What are port numbers?
A port number identifies each transport protocol and address combination with a 16-bit unsigned integer. All network-connected devices come equipped with standardized ports that have an assigned number.
The concept of port numbers was first introduced by the early developers of the ARPANET back in the seventies. The initial term was socket number, and it was a 40-bit quantity.
In total, there are 65,535 port numbers assigned to different protocols and divided into three ranges: the well-known ports, the registered ports, and the dynamic or private ports.
The well-known ports numbered from 0 through 1023 are usually reserved by large companies and popular services such as Apple QuickTime and Structured Query Language (SQL).
To register a specific port number, you can choose from 1024 to 49,151. Dynamic or private ports range from 49,152 to 65,535 and are available to anyone. A port number can also be temporarily assigned for the request’s duration.
Well-known port numbers
Here are some port numbers assigned to popular networking protocols:
- Ports 20 and 21 – File Transfer Protocol (FTP) Data Transfer and Command Control.
- Port 22 – Secure Shell (SSH) Secure Login.
- Port 25 – Simple Mail Transfer Protocol (SMTP), the application behind email.
- Port 53 – Domain Name System (DNS) Service.
- Port 80 – Hypertext Transfer Protocol (HTTP), the foundation of the World Wide Web.
- Port 443 – HTTP Secure (HTTPS), HTTP over TLS/SSL.
- Port 500 – Internet Security Association and Key Management Protocol, used for IP security.
Now let’s turn our attention to Port 443 and examine it closely.
What is Port 443?
Today, web encryption is mandatory for all websites, regardless of size, type, or niche. If the connection between browsers and web servers is not secured, visitors can’t access the pages they want. Instead, they encounter an off-putting SSL connection warning calling them to leave the site immediately.
To encrypt a website, you need to install an SSL certificate on your server. SSL certificates are small digital files that follow the TLS protocol and secure data in transit between two computers over a network. The best indicator of an encrypted website is the padlock icon next to the URL.
Port 443 is the universal port for all encrypted traffic on the Internet. By default, websites use the HTTP protocol to handle all inbound and outbound information through port 80. The problem is that HTTP is not secure, and all data travels in plain text from one computer to another.
SSL certificates activate the HTTPS (S stands for secure) protocol, which transfers data securely via Port 443. What does encrypted data look like? It’s just a random string of characters impossible for cybercriminals to decipher. HTTPS connections are bulletproof against eavesdropping and man-in-the-middle attacks.
When Netscape developed the original SSL protocol to encrypt and authenticate online communications between clients and servers, they chose port 443 because it was not already in use at that time. To learn more about the history of SSL certificates, check this article.
How to enable port 443?
Here’s how to enable port 443 on Windows, Linux, and Mac.
To enable Port 443 on Windows, you need to add it to the Windows Firewall.
- Open the Firewall Control Panel by accessing Start > Run and typing firewall.cpl.
- On the left pane, select Advanced Settings, then click on Inbound Rules in the top-left corner.
- Next, click on New Rule on the right-side panel in the Action column.
- A new window will open. Select TCP and Specific local ports, then type 443 in the field next to it.
- In the Action window, select Allow the connection and click Next.
- In the Profile window, choose Domain and Private, then click Next.
- In the Name window, type the name WCF-WF 4.0 Samples and click on Finish.
Please note, to set up the Outbound Rules, you need to repeat the steps 2 to 8.
To enable Port 443 on Linux systems, run the commands below:
- Run the following command to allow traffic on port 80:
sudo iptables -I INPUT -p tcp -m tcp --dport 80 -j ACCEPT
- Run the following command to allow traffic on port 443:
sudo iptables -I INPUT -p tcp -m tcp --dport 443 -j ACCEPT
- Run the following command to save the iptables rules:
sudo service iptables save
To enable Port 443 on Mac, ensure your firewall is disabled (it should be by default), then follow the steps below:
- Open the Terminal app.
- At the prompt, enter the following command to stop the packet filter (pf) firewall in case it’s active – sudo pfctl -d.
- Open the configuration file for pf by using the nano text editor – sudo nano /etc/pf.conf.
- In the editor, add your custom rules at the bottom of the file.
- To open port 443, add the following rule at the bottom of the file, below the existing configuration – pass in inet proto tcp from any to any port 443 no state.
- Press Ctrl-x to exit nano, and press Y and Enter to confirm that you want to save the file with the same name.
- Reload the firewall’s settings – sudo pfctl -f /etc/pf.conf
- Finally, restart the firewall – sudo pfctl -E.
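Once the rule is in place on any of the three systems, it is worth confirming from another machine that port 443 is reachable and actually answers with TLS. The script below is an added example, not part of the original article; the function names and the result labels (open, closed, filtered, no-tls, cert-invalid) are assumptions chosen for illustration.

```python
import socket
import ssl
import sys


def probe_tcp(host, port=443, timeout=3.0):
    """Classify a TCP port by how the connection attempt ends."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"         # handshake completed: a service is listening
    except ConnectionRefusedError:
        return "closed"           # RST came back: host reachable, nothing listening
    except (socket.timeout, TimeoutError):
        return "filtered"         # no reply: a firewall is likely dropping packets
    except OSError:
        return "unreachable"      # DNS failure, no route to host, etc.


def probe_tls(host, port=443, timeout=3.0):
    """Do a full TLS handshake with certificate and hostname verification."""
    ctx = ssl.create_default_context()    # system trust store, hostname check on
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.version(), tls.getpeercert()["notAfter"]


def check_https_port(host, port=443, timeout=3.0):
    """Return a dict with the port state and, if the port is open, the TLS result."""
    result = {"port": probe_tcp(host, port, timeout), "tls": None}
    if result["port"] != "open":
        return result
    try:
        result["tls"], result["cert_expires"] = probe_tls(host, port, timeout)
    except ssl.SSLCertVerificationError as err:
        # TLS is spoken, but the certificate is expired, untrusted or mismatched.
        result["tls"], result["detail"] = "cert-invalid", err.verify_message
    except OSError as err:    # covers ssl.SSLError, resets and handshake timeouts
        result["tls"], result["detail"] = "no-tls", str(err)
    return result


if __name__ == "__main__":
    # Usage: python check443.py <hostname>   (the file name is hypothetical)
    print(check_https_port(sys.argv[1] if len(sys.argv) > 1 else "localhost"))
```

A result of filtered points at the firewall rule, closed means the rule works but no web server is bound to the port, and no-tls or cert-invalid means the port is open but the certificate installation still needs attention.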
Port 443 is an essential cog in the wheel of web security and data encryption. More than 95% of the Chrome traffic goes straight through it. Any website you visit connects to your browser over HTTPS using port 443. To learn more about HTTPS, check this definitive guide on SSL certificates.