Port 8443 (TCP) – HTTPS Alternate

Alternate TLS web port for admin consoles, Tomcat HTTPS connectors, and network appliances.

TCP | Registered | Commonly attacked

Default state

Open when an app server or appliance exposes an HTTPS admin UI. Often reachable from the internet on firewalls, VPNs, and management consoles.

Common attacks

  • Exposed admin consoles with default or weak credentials
  • Appliance and VPN management RCE chains (firewalls, gateways)
  • TLS misconfiguration and weak/expired certificate abuse
  • Scanning for known web-app and Tomcat SSL vulnerabilities

Hardening

  • Restrict 8443 admin UIs to management VLANs or VPN, not the internet
  • Enforce strong auth and MFA; remove default accounts
  • Use valid certificates and modern TLS; disable weak ciphers
  • Patch the appliance/app server and monitor admin logins
  • IP-allowlist access and rate-limit authentication

nmap snippet

nmap -p8443 --script ssl-cert,ssl-enum-ciphers,http-title <target>

Replace <target> with the host or range you're authorized to scan.
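
As an added example (not part of the original page), this Python script parses the text output of the nmap snippet above and flags expired certificates, legacy protocol versions, and ciphers that nmap grades below A. The sample output is constructed, and the function name `audit` and the `LEGACY` set are assumptions of this example.

```python
import re
from datetime import datetime

# Protocol versions treated as legacy (assumption of this example).
LEGACY = {"SSLv2", "SSLv3", "TLSv1.0", "TLSv1.1"}

# Constructed sample of ssl-cert / ssl-enum-ciphers output, not from a real host.
SAMPLE = """\
PORT     STATE SERVICE
8443/tcp open  https-alt
|_http-title: Admin Console
| ssl-cert: Subject: commonName=appliance.example.internal
| Not valid before: 2021-03-01T00:00:00
|_Not valid after:  2023-03-01T00:00:00
| ssl-enum-ciphers:
|   TLSv1.0:
|     ciphers:
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
|   TLSv1.2:
|     ciphers:
|       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|_  least strength: C
"""

def audit(nmap_text, now):
    """Return findings for expired certs, legacy protocols and weak ciphers."""
    findings, proto = [], None
    for raw in nmap_text.splitlines():
        line = raw.lstrip("|_ ").rstrip()  # drop nmap's tree prefix
        m = re.match(r"Not valid after:\s*(\S+)", line)
        if m:
            expiry = datetime.fromisoformat(m.group(1))
            if expiry < now:
                findings.append(f"certificate expired {expiry.date()}")
            continue
        m = re.fullmatch(r"((?:SSL|TLS)v[\d.]+):", line)  # protocol header
        if m:
            proto = m.group(1)
            if proto in LEGACY:
                findings.append(f"legacy protocol enabled: {proto}")
            continue
        m = re.match(r"((?:TLS|SSL)_\S+) .* - ([A-F])$", line)  # cipher + grade
        if m and m.group(2) != "A":
            findings.append(f"weak cipher ({m.group(2)}) on {proto}: {m.group(1)}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE, datetime.now())))
```

To audit a real scan, save the nmap output to a file and pass its contents to `audit` in place of `SAMPLE`.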

What runs on port 8443?

Port 8443 is a widely used alternate HTTPS port. It is the default for Tomcat's SSL connector and for web admin consoles on firewalls, VPN gateways, and other network appliances, typically chosen when 443 is already in use. Unlike plain HTTP on 8080, traffic on 8443 is TLS-encrypted by design.

Why it matters for security

8443 very often fronts a management interface. These consoles hold the keys to the device — firewall rules, VPN config, app deployments — so an exposed, weakly authenticated admin UI is a direct path to compromise. Encryption protects the channel, but it does nothing for default credentials or an unpatched appliance behind it.

How it's attacked

Attackers scan for 8443 admin consoles and try default or weak credentials. Network appliances and VPN gateways on this port are frequent targets of authentication-bypass and RCE chains. Weak or expired TLS/certificate configurations are flagged, and scanners fingerprint the backend to match known Tomcat or web-app vulnerabilities.

Hardening checklist

Restrict 8443 admin UIs to a management VLAN or VPN rather than the public internet. Enforce strong authentication and MFA, and remove default accounts. Deploy valid certificates with modern TLS and disable weak ciphers. Patch the appliance or app server promptly, IP-allowlist access, rate-limit logins, and monitor admin authentication. Use the nmap snippet to check certificate and cipher posture on systems you are authorized to test.

Frequently asked questions

What is port 8443 used for?
It is a common alternate HTTPS port, used for Tomcat's SSL connector and for web admin consoles on firewalls, VPNs, and appliances when port 443 is taken. Traffic is TLS-encrypted by design.
Is it safe to expose port 8443?
Only with care. 8443 frequently fronts admin consoles that are prime targets for credential attacks and appliance RCE. Restrict it to management networks or VPN, enforce MFA, and keep the software patched.