Open port 8443: HTTPS
What this means
Port 8443 is an alternative to the default HTTPS port (443).
Some applications and web servers use it for secure communication when 443 is unavailable or reserved for other services.
It functions the same way as HTTPS on port 443, using SSL/TLS encryption to protect data in transit. It is the default HTTPS port of the Apache Tomcat web server.
Why this is a problem
An open HTTPS 8443 port means that the service can be accessed from an untrusted network without proper security controls.
If the port is not secured or misconfigured, it can lead to:
- unauthorised access to system resources through XSS, CSRF or SQL injection
- unintended exposure of services, leading to information disclosure
- Denial-of-Service (DoS) attacks by overwhelming the service
- unauthorised access and exploitation of unpatched services
How to check if the problem is there
Check open HTTPS ports
Run the following commands to check whether port 8443 is open:
Windows (Command Prompt):
netstat -an | find ":8443"
Telnet <server ip address> 8443
Linux/Mac (Terminal):
sudo netstat -tulnp | grep ":8443"
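The netstat output also shows the bind address, which tells you whether the 8443 listener accepts connections on every interface or only on loopback. The script below is an added example, not part of the original page; its function names and the sample netstat lines are constructed for illustration, and it assumes the Linux net-tools column layout.

```shell
#!/bin/sh
# Added example: classify TCP listeners on a port from `netstat -tulnp` output.
# Real use (Linux): sudo netstat -tulnp | classify_listeners 8443

# Reads netstat lines on stdin, prints "<scope> <bind address>" per listener.
classify_listeners() {
    awk -v port="${1:-8443}" '
        # Only TCP sockets in LISTEN state; headers and UDP rows are skipped.
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            n = split($4, parts, ":")
            # Compare the exact port so 18443 is not mistaken for 8443.
            if (parts[n] != port) next
            addr = substr($4, 1, length($4) - length(parts[n]) - 1)
            if (addr == "0.0.0.0" || addr == "::" || addr == "*")
                scope = "ALL-INTERFACES"      # reachable on every interface
            else if (addr ~ /^127\./ || addr == "::1")
                scope = "LOOPBACK-ONLY"       # local processes only
            else
                scope = "SPECIFIC-ADDRESS"    # check which network this is on
            print scope, addr
        }'
}

# Exit status 0 if any listener on the port is bound beyond loopback.
is_exposed() {
    classify_listeners "$1" | grep -qv '^LOOPBACK-ONLY '
}

# Constructed sample output (not captured from a real host).
sample_netstat() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      801/sshd
tcp        0      0 127.0.0.1:18443         0.0.0.0:*               LISTEN      950/agent
tcp6       0      0 :::8443                 :::*                    LISTEN      1234/java
udp        0      0 0.0.0.0:8443            0.0.0.0:*                           1300/demo
EOF
}

sample_netstat | classify_listeners 8443
if sample_netstat | is_exposed 8443; then
    echo "8443 is bound beyond loopback: confirm this exposure is intended"
fi
```

A LOOPBACK-ONLY result means the service is not reachable from other hosts; any other result means network-level restrictions decide who can reach it.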
How to fix this
To mitigate attacks against an open HTTPS port 8443, an administrator can take the following steps to block access or reduce the attack surface.
Restrict network access
To restrict network access, carry out the following:
- disable or uninstall services if not required
- install a Web Application Firewall (WAF)
- segment the network to isolate the service
- regularly patch any application or service using the port
Regularly monitor logs
Regularly monitor your event logs and consider:
- using SIEM tools to detect anomalies
- deploying Intrusion Detection Systems (IDS)