Port 4443 (HTTPS Alternate)
TCPAlternate HTTPS port — commonly used by VPN gateways, web apps, and development servers.
What is Port 4443?
Port 4443 is one of the most widely used alternate HTTPS ports. When the standard HTTPS port 443 is already occupied by a primary web server, services bind to 4443 instead. It carries the same TLS-encrypted traffic as port 443 but on a non-standard number.
Common services on port 4443 include Fortinet FortiGate SSL VPN, Cisco AnyConnect, Kubernetes API server (via --secure-port), Apache/Nginx alternate HTTPS virtual hosts, Docker registries, and local development servers (e.g., webpack-dev-server, Vite).
Because port 4443 is not a well-known IANA port, corporate firewalls and browser security policies may block it by default. Always verify that your firewall rules explicitly allow 4443 and that a valid TLS certificate is configured for the service.
Port 4443 Security
Any service on port 4443 should use a valid TLS certificate (not self-signed in production) and enforce TLS 1.2 or higher. Restrict access with firewall rules so only trusted IP ranges or VPN clients can reach the port. If the service is a VPN gateway, enable multi-factor authentication.
Regularly update the software listening on 4443 to patch known vulnerabilities. Monitor access logs for brute-force attempts and unexpected source IPs. Use rate limiting and intrusion detection to catch scanning activity early.
How to Check Port 4443
To check if port 4443 is open on a remote host, use nmap: 'nmap -p 4443 hostname'. For a quick TCP connection test, use: 'telnet hostname 4443' or 'nc -zv hostname 4443'. On Windows PowerShell, use: 'Test-NetConnection -ComputerName hostname -Port 4443'.
To check if port 4443 is listening on your local machine, use: 'netstat -tlnp | grep 4443' on Linux, or 'ss -tlnp | grep 4443'. On Windows, use: 'netstat -an | findstr 4443'. For a comprehensive scan, use: 'nmap -sV -p 4443 hostname' to detect the service version running on the port.
Related Ports
Frequently Asked Questions
What is port 4443 used for?
Port 4443 is an HTTPS alternate port commonly used by VPN gateways (Fortinet SSL VPN, Cisco AnyConnect), Kubernetes API servers, web application firewalls, reverse proxies, and development servers when port 443 is already in use.
What is the difference between port 4443 and port 443?
Port 443 is the standard HTTPS port assigned by IANA, while port 4443 is an unofficial alternate used when 443 is occupied. Both carry TLS-encrypted traffic, but port 4443 may require explicit configuration in browsers and firewalls since it is not a well-known port.
Which services use port 4443?
Common services on port 4443 include Fortinet FortiGate SSL VPN, Cisco AnyConnect VPN, Kubernetes API server (--secure-port), Apache/Nginx alternate HTTPS vhosts, Docker registry, Pharos print management, and various development servers.
Should port 4443 be open on my firewall?
Only open port 4443 if you run a service that requires it, such as a VPN gateway or alternate HTTPS endpoint. Close it otherwise to reduce your attack surface. Use firewall rules to restrict access to trusted IP ranges.
How do I check if port 4443 is open?
Use 'nmap -p 4443 hostname' to scan remotely, 'netstat -tlnp | grep 4443' or 'ss -tlnp | grep 4443' to check locally on Linux, and 'Test-NetConnection -ComputerName hostname -Port 4443' in Windows PowerShell.
🔍 Check Your IP Address
While you're here, find out your public IP address, location, and ISP details instantly.
Check My IP →