Is port 80 mandatory?

tommaso.ascani · October 19, 2023, 3:10pm

I just configured traefik and i got a question about entrypoints.
I want that every request from outside my home network goes through https, (tell me if i'm saying wrong) so i use only port 443 and i think port 80 is useless, then i tried to remove web (:80) entrypoint and closed port 80 forwarding on home router and all other port 80 dependencies, and everything works fine (i can reach services from outside home network through https request).

I don't know if i'm asking a wrong question, but can use only port 443 and remove port 80?
Do i need port 80 for something?
Or instead can i use port 443 for https request only from WAN and port 80 for request only from LAN?

Artfaith · October 19, 2023, 5:45pm

Greetings!

Even considering HSTS and HTTPS, HTTPS-Only Standard, HTTPS-First, and other transitions towards HTTPS, nowadays, usually, it's still required knowing the amount of TCP clients which may try http:// by default (:80 for decades) and only then try https (:443 for decades) or not at all. Both ports are stated in Service Name and Transport Protocol Port Number Registry at Internet Assigned Numbers Authority (IANA).

Therefore, some single or two clients may still try connecting to you on 80 and if you have a proxy or any kind of redirection, and if configured that way and it all matches expected requests, the client should receive 301 HTTP, 302 HTTP, or any other prior chosen redirection kind to an endpoint/location with HTTPS schema and proper secure layer applied like Transport Layer Security (TLS).

Current version of modern browsers like Google Chrome v117, for example, will automatically try HTTPS first with default configuration set, later HTTP, and only then show a failure message like ERR_CONNECTION_TIMED_OUT if non resolved in successful TCP connection with the protocol/schema implicitly stated URI/URL/location like ://example.com, example.com or even 192.168.0.1.

Have you tried curl -v http://your-domain.com with the redirection set up for example? Please check out mixed content term also if you haven't yet.

In other words, usually in various major cases, port :80 is used to redirect these clients which try HTTP first. Some might state it's an additional step for less issues on clients side knowing how ineffably marvelous the World and History we know is... and how many magnificent implementations are out there...

bluepuma77 · October 19, 2023, 8:29pm

It’s not mandatory, but clients usually try first to connect to port 80 using http, so most people place a redirect there.

Topic		Replies	Views
Https on additional custom port (8080) Traefik v2 docker	9	8440	May 14, 2021
Traefik Routers - SSL Redirect + Port 80 for specific Sites Traefik v2 docker , middleware	2	2582	May 22, 2022
Can I use Traefik with SSH tunnel for testing a localhost web? Traefik v2 docker , tcp	1	1338	July 1, 2023
Traefik redirection - unusual scenario https with port 80 Traefik v3 (latest) middleware	2	40	October 25, 2024
Redirect to HTTPS on custom entrypoint Traefik v2 docker , tcp , middleware	6	58	September 4, 2024

Is port 80 mandatory?

Related topics