HTTPS Protocol: What is the Default Port for SSL & Common TCP Ports

HTTPS Protocol: What is the Default Port for SSL & Common TCP Ports

SSL port numbers serve as communication endpoints for transmitting or receiving data. One of the primary functions of these ports is to establish a secure connection between a web page and a website hosting server or the CDN/WAF that might sit in front of it. These add an extra layer of security by leveraging either Secure Sockets Layer (SSL) or Transport Layer Security (TLS) certificates for encryption.

At their core, HTTPS ports are identified using numerical codes. For instance, your web browser might use network port 443 to connect to your website’s hosting server for secure HTTPS connections.

In this post, we’ll take a look at the most common default ports for HTTPS and explain how HTTPS and SSL certificates work together to encrypt and secure your website’s data.


What is a port number?

A port number serves as a unique identifier for specific processes to which network messages are directed upon reaching a server. Every network-connected device features standard ports with uniquely assigned numbers, each designated for a specific protocol and function.

For instance, one of the most frequently used ports, port 80, is always assigned to HTTP messages. The idea of port numbers, initially termed as socket numbers, was proposed by the Advanced Research Projects Agency Network’s developers, and bears a similarity to the class of Internet Protocol (IP) addresses in use today.

What is the difference between SSL and the HTTPS protocol?

SSL is the technology used to encrypt data for internet connections, ensuring data transmission between a website and server remains secure. The HTTPS protocol, however, refers to the method of using SSL (or its successor, TLS) on a specific port to create a secure connection.

In essence, HTTPS operates over SSL on a web server with an SSL private key, and on the browser with an SSL certificate, leveraging the Public Key Infrastructure (PKI) to confirm legitimacy.

While both SSL and HTTPS work together, they have different roles. SSL (now largely replaced by the more efficient TLS) authenticates user identity when data is sent. The key difference is that only HTTPS ensures a secure channel for transmitting encrypted data.

A website with an SSL certificate typically has HTTPS in its URL and displays a padlock icon next to the domain name.

HTTPS port connection on a secure website connection with an SSL certificate

What is the default port for HTTPS?

Default HTTPS connections use TCP port 443 to facilitate encrypted communications between the web browser and server. This encryption ensures a secure data exchange during a website visit.

In contrast, the unsecured HTTP protocol uses TCP port 80. Overall these HTTPS ports, differentiated by unique numbers, heighten security by employing SSL or TLS encryption for website interactions.

What is the difference between port 443 and port 8443?

HTTPS port 443 and port 8443 differ mainly in their usage; 443 is a standard web browsing port designed for secure data transmission between web browsers and servers, while 8443 is used less frequently by Apache Tomcat for SSL text service to prevent conflicts. Even though both are HTTPS ports, Tomcat specifically defaults to 8443. Tomcat is rarely seen being used on public websites.

What are the most common TCP ports?

Here is a list of the most common TCP ports for web services like HTTP, SSL, cPanel, and SMTP.

Web Ports

Port #Function

cPanel Ports

Port #Function
2082cPanel TCP inbound
2083cPanel SSL TCP inbound
2086WHM TCP inbound
2087WHM SSL TCP inbound
2089WHM SSL TCP inbound
2095Webmail TCP inbound
2096Webmail SSL TCP inbound

Email Ports

Port #Function
110POP – Incoming
995POP SSL – Incoming
143IMAP – Incoming
993IMAP SSL – Incoming
25, 80, 3535SMTP – Outgoing
465SMTP SSL – Outgoing

What is the difference between SSL and TLS?

Secure Sockets Layer (SSL) is an established protocol that forges a secure connection between two devices or applications on a network. It’s instrumental in establishing trust and authenticating the opposite party prior to sharing credentials or data online. Despite its wide usage in applications or browsers for creating an encrypted communication channel, SSL is an older technology that comes with certain security shortcomings.

Transport Layer Security (TLS) is essentially an improved version of SSL, designed to address and fix vulnerabilities present in SSL. With its more efficient authentication process, TLS is a more secure and reliable option compared to its earlier counterpart.

SSL vs. TLS: Comparison Table

TerminologySSL stands for Secure Sockets LayerTLS stands for Transport Layer Security
StatusAll SSL versions are now deprecated.TLS versions 1.2 and 1.3 in use.
AlertsSSL alert messages are unencrypted.TLS alert messages are encrypted.
AuthenticationSSL uses Message Authentication Codes (MACS)TLS uses Hashed Message Authentication Codes (HMACS)
EncryptionSSL uses older encryption algorithms with known vulnerabilities.TLS supports advanced encryption algorithms.
ConnectionSSL handshakes are tedious and slow.TLS handshakes are faster with fewer steps.

What OSI model levels do SSL/TLS and HTTPS operate on?

The Open Systems Interconnection (OSI) is a framework that divides the various functions of network communications into seven different layers. Ports are found at the Transport Layer 4 of the OSI model.

OSI Model Application Layers 1 to 7 for HTTP SSL port connection

SSL and TLS operate between layers 4 and 7, while HTTPS itself is found on Application Layer 7.

What is the difference between an SSL certificate and TLS certificate?

Nowadays, SSL certificates are technically obsolete, with TLS certificates taking their place as the industry norm — however, the term “SSL” is still commonly used to describe TLS certificates. The core functionality of both types of certificates remains the same, with TLS iterations improving on the original SSL model over time.

Despite this terminology overlap, modern SSL certificates support both SSL and TLS protocols, underlining the importance of ensuring server configurations are compatible with progressively mandatory TLS protocols.

SSL v1.0 through to v3.0 and TLS 1.1 should be considered insecure; its use would nullify any PCI compliance.

How can I get HTTPS on my website?

To add HTTPS to your website, you’ll need to install an SSL certificate or get one through a provider. Obtaining an SSL certificate for your website can be simplified by purchasing one from a certificate authority like GoDaddy or acquiring a free one from Let’s Encrypt. Your hosting provider may already provide an SSL certificate — so it’s worth verifying with them first to avoid unnecessary work.

If you’re using the Sucuri Web Application Firewall (WAF), SSL will be enabled on your firewall servers by default — even without an SSL certificate on the website’s origin server. This ensures encryption of data between visitors and the viewed web page. Despite this, having an SSL certificate on your origin server is still essential.

Chat with Sucuri

You May Also Like