How to make Apache port 80 secure?

apache-2.2 ssl

It won't work if you keep ssh on port 443, but if you move this to yet another port, it would work.

Of course you could configure Apache to use HTTPS on port 80, but this would mean that your users would have to explicitly specify the port to use, like https://www.example.com:80/yourfile.html because normally the browser would expect to talk http on port 80 and https on port 443. Also, users could run into problems with firewalls which make the same assumption and block https on port 80.


Change your SSH port to something else. Honestly, I keep mine at the default 22 - I find no reason to change this, even though lots of people recommend changing it. It does make it hard[er] to figure out the SSH port if you change it, but it's not impossible.

Additionally, you need to serve Apache on 80 (http) and Apache SSL on 443 (HTTPS). If you want to force redirection of HTTP -> HTTPS by setting up a redirect on the Apache side, however, if you aren't trying to force http->https, you just need to make sure that SSL is configured and enabled on Apache (no redirect required if you aren't forcing http -> https).

Default Ports:

22 -> SSH
80 -> HTTP
443 -> HTTPS

Recommendation:
Never set a service to use a well known port of another service.

Related

Server Monitoring tool [closed]
What's the largest message size modern email systems generally support?
How to disable ETag headers in Tomcat
Testing download speed using iperf
Can't get Passwordless (SSH provided) SFTP working
MySQL maintenance - how to clear the buffer?
Windows environment variables and manual registry editing - no/wrong values issue
Exim4 won't send message
Cannot write to file as root
How to block an IP using iptables
How to change the hostname of a VM using VMware
Cleanest & Fastest server setup for Django [closed]