Is it safe to serve HTTP/HTTPS over ports 8080/8443

Due to an infrastructure limitation, one of the proposed solutions for serving an HTTP service to the world is to offer it over ports 8080 and 8443.

My concern is that some users may not be able to access these services because they are not running on standard ports, and the content might be filtered by (for instance) as part of the corporate network policy.

So... how likely is it that a user from the internet at large might not be able to access these services?


Corporate networks will usually be defaulted to rules like this:

deny all; allow 80; allow 443; allow 21; allow 22; etc...

It is much easier to configure this way rather than to explicitly deny 99% of the 65,535 available ports.

With that said, I took over a client-facing portal which used a non-standard port due to network limitations; I do not know the NAT details. Anyways, this made it impossible for about 50% of our users/visitors to access site and whenever they would call us to report this issue, we would have to coordinate with their non-existent IT to try and get an allow rule implemented.


I do not know the details of your infrastructure limitations but I would imagine that something else is running on 80/443

If this is the case then your only shot might be to use an internal proxy or upgrade the switch to something with more advanced NAT capabilities which can route the requests appropriately.


TL;DR

Don't use a non-standard port for public-facing services which already have a standard port.


It is very likely those will be blocked, especially in corporate networks or on public wifi. Less likely on a regular home internet connection.

It would certainly be blocked on my work network.

In addition, people will have to remember to type the port number to get to your site, which is an extra headache you don't want to deal with. For internal or private sites its not a big problem but if this is for the general public you will have a lot more success using the standard ports.