All Products
Search
Document Center

Web Application Firewall:View supported ports

Last Updated:Jan 06, 2025

Web Application Firewall (WAF) can protect web service traffic on both standard and non-standard ports. When you add a website to WAF, you must specify origin server ports. WAF receives and forwards traffic based on the ports that you specify. This topic describes the supported standard and non-standard ports.

Standard ports

WAF can protect web service traffic on the following standard ports:

  • HTTP ports: 80 and 8080

  • HTTPS ports: 443 and 8443

Non-standard ports

Cloud native mode

If you add your website to WAF in cloud native mode, you can specify non-standard ports in the range of 0 to 65535.

CNAME record mode

If you add your website to WAF in CNAME record mode, you can specify only supported ports. Different WAF editions support different non-standard ports.

Edition

Supported non-standard port

Number of supported non-standard ports

Subscription Basic and Pro

Not supported

N/A

Subscription Enterprise and Ultimate

IPv4

IPv6

  • Subscription Enterprise: 50

  • Subscription Ultimate: 100

If you use HTTP or HTTPS, non-standard ports in the range of 0 to 65535 are supported, excluding the following system ports: 9, 20, 21, 22, 23, 25, 42, 53, 67, 68, 69, 110, 135, 137, 138, 139, 143, 161, 389, 445, 593, 1434, 1521, 3127, 3306, 3389, 4444, 5554, 5800, 5900, 6379, 9996, 11211, 27017, 27018, 50030, 50070, 61613, 61616, and 61617.

  • HTTP ports:

    81, 82, 83, 84, 86, 87, 88, 89, 97, 800, 808, 1000, 1090, 3333, 3501, 3601, 5000, 5222, 6001, 6666, 7000, 7001, 7002, 7003, 7004, 7005, 7006, 7009, 7010, 7011, 7012, 7013, 7014, 7015, 7016, 7018, 7019, 7020, 7021, 7022, 7023, 7024, 7025, 7026, 7070, 7081, 7082, 7083, 7088, 7097, 7510, 7777, 7800, 8000, 8001, 8002, 8003, 8008, 8009, 8020, 8021, 8022, 8025, 8026, 8077, 8078, 8081, 8082, 8083, 8084, 8085, 8086, 8087, 8088, 8089, 8090, 8091, 8106, 8181, 8334, 8336, 8686, 8800, 8888, 8889, 8999, 9000, 9001, 9002, 9003, 9021, 9023, 9027, 9037, 9080, 9081, 9082, 9180, 9200, 9201, 9205, 9207, 9208, 9209, 9210, 9211, 9212, 9213, 9898, 9908, 9916, 9918, 9919, 9928, 9929, 9939, 9999, 10000, 10001, 10080, 12601, 28080, 33702, and 48800

  • HTTPS ports:

    4443, 5443, 6443, 7443, 9443, 8553, 8663, 9553, 9663, and 18980

Pay-as-you-go

100

To view the supported ports in the WAF console, perform the following steps:

  1. Go to the Website Configuration page.

  2. On the CNAME Record tab, find the domain name whose ports you want to view and click Edit in the Actions column.

  3. In the Edit Domain Name panel, select HTTP or HTTPS and click View Port Range.

References

  • For more information about how to query the ports of an instance that are added to WAF, see DescribeResourcePort.