What Is the Default HTTPS Port for Apache?

This article provides a quick overview of the default port Apache uses for secure web traffic, how it functions alongside standard HTTP, and how to modify it within your server configuration. Understanding this port assignment is essential for configuring firewalls, securing web applications, and ensuring seamless SSL/TLS communication.

The Default Port for HTTPS

By default, the Apache HTTP Server listens on port 443 for secure, encrypted HTTPS traffic. While regular, unencrypted HTTP web traffic typically travels over port 80, port 443 is the universal standard for traffic secured by SSL/TLS certificates. When a user prefixes a URL with https://, their web browser automatically attempts to connect to the hosting server via port 443.

How Apache Handles Port 443

To successfully accept connections on port 443, Apache relies on its SSL module (usually named mod_ssl). This module allows the server to manage cryptographic handshakes, validate digital certificates, and encrypt the data transmitted between the server and the client. In a standard setup, Apache uses a virtual host configuration block to listen specifically for this secure traffic:

<VirtualHost *:443>
    ServerName www.example.com
    DocumentRoot /var/www/html
    SSLEngine on
    SSLCertificateFile /path/to/certificate.crt
    SSLCertificateKeyFile /path/to/private.key
</VirtualHost>

Changing the Default Port

While port 443 is the standard, administrators can change this port if network constraints or security policies require it. This is done by modifying the Apache configuration files (commonly httpd.conf or ports.conf).

To change the port, the Listen directive must be updated to the new designation, such as Listen 8443. If this change is made, users will need to explicitly append the new port number to the URL when visiting the site, such as https://example.com:8443.