Linux - Port 80 - How to give permissions

About

On Unix-based systems, the default HTTP port 80 is only available to program started by the root user.

For security reasons, it is not desirable to run the server as root (if the program got hacked for instance).

This page shows you two options on how to give access to a program without starting it as root.

Option

cap_net_bind_service

The frist option is to give a permission to the program Linux - secure linux (SELinux)

sudo setcap 'cap_net_bind_service=+ep' /path/to/your/progam

redirect

Or you can redirect the port. If you're program is listening on the port 3000, you can redirect it with the following iptables command

sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3000

Documentation / Reference


Powered by ComboStrap