Web Server port options - help

[Iturea]

What is a good port to configure your webserver on. I mean the default is port 80 but I have dns software that can configure it on another port. Anyhow is it worth doing? Would the server be more secure on a different port? If so what port number should I configure it to? 8080?

[ArcticFox]

8080 would work, try 81 also. I know 8080 isn't really used by anything, so try that.

[Iturea]

Does it help in security to run it on a different port? I mean what is the difference to a hacker? Can't he just tell that I am running the server on 8080 instead of 80 and attack me there? I basically want to know the benifits of running the web service on a different port.

[Siliconjunkie]

The only reason to run it somewhere besides 80 is if your ISP blocks 80.

And, DNS cant change the http port. The user has to request any port but 80 unless it is doing redirection like ZoneEdit does.

[DVNT1]

Changing the default port to something other than 80 will reduce your risks from random attacks. It will not change the risk associated with someone who is targeting your site.

The difference is simply most HTTP based exploits are attacked via scripts that only scan port 80 since it is by far the most common for HTTP.

A downside to a port other than 80, you will prevent some people from accessing it (especially those behind proxy servers and very restrictive firewalls). Some people will have problems because they will forget (or not know how) to change the requesting port in their web browser.

[Iturea]

Thanks, that answers my questions.