How can I set up Apache to use port 1 and other ports below 80?
The mysql user cannot use ports below 1024 because these are reserved for the root user.
Apache, on the other hand, can use port 80. Apache runs as root before it runs as Apache and thus it can use port 80. It can even listen to port 81 and any other port.
However, when I tried to get Apache to listen on port 79, it did not work. I tried to listen on port 1 too, and that did not work either.
When I change the Apache settings, Apache restarts just fine, but it doesn’t actually work on the web.
Can I use port 1 on the web?
apache restarts just fine but on the web it does not work.
Port 80 is the default HTTP port for browsers as well as servers. This means in order to access a server that’s operating on a non-standard port from a browser, you need to include the port in the address, e.g.:
:79 after the hostname, the browser will try to access port 80 and get nothing since apache is using something else.
I’m going to use Firefox as an example, because its open source and easy to find the information for, but this applies (probably with slightly different lists of ports) to other browsers, too.
In August 2001, CERT issued a vulnerability note about how a web browser could be used to send near-arbitrary data to TCP ports chosen by an attacker, on any arbitrary IP address. This could be used to, for example, send emails which would appear to come from the user running the web browser. In order to mitigate this, Mozilla (as well as many other vendors) blocked Firefox from accessing certain ports.
The two ports you tried, 79 and 1, happen to be on the blocklist. The source contains the full list of blocked ports. You can (on your browser) override this list using the preferences
network.security.ports.banned. This isn’t useful on the Internet in general, as you’d have to convince everyone who might visit your site to go to
about:config and change them.
(Note: Current versions of Firefox will give an error message explaining that if you try to browse to a site on a blocked port.)
In general, there is little reason to use additional HTTP ports, at least externally. If you have to, prefer traditional extra ports like 8080, 8000, etc. that are far less likely to be blocked or at least ones outside of the IANA-assigned system ports range (0-1023). See the IANA port registry for more details.
You can run any service on any port (modulo privileges). That HTTP is on port 80 is pure convention, there’s no technical reason to do this. So yes, you could run HTTP on port 1 (unless it is being used by another program). If it didn’t work for you, then either you still need to fix the server configuration (check what
netstat -ntl says), or, as goldilocks pointed out, you simply were not aware that for HTTP on any port with number other than 80 you need to tell the browser the port number as well.