Operating system Debian Linux 12
Virtualmin version 7.20.2 Pro
Modern browsers and mobile browsers kind of require usage of HTTPS through the 443 port.
On most of my system I keep open only the minimum ports and I wonder what reason would justify to keep open the port 80.
What experimented people think ?
why not experiment & find out ? but there is the point that there maybe some app somewhere that relies on port 80 to communicate, I wouldguess the answer is just trial & error
Unless HSTS is set they, browsers go to port 80 and then upgrade to 443.
You need to keep port 80 on even for the initial handshake to allow an upgrade to HTTPS.
Ok I tested… So far things seems to work ok (visitors access the site).
However Let’s encrypt cannot renew or create a certificate.
It is possible some services requires http…
If you’re using Let’s Encrypt, you cannot block port 80, because then it will fail to validate.
I can’t think of any good reason to block port 80. Just redirect users to HTTPS.
This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.