How to Change Nginx Port in Linux?

Nginx is a popular open-source web server known for its speed, reliability, and scalability. The default port for Nginx is 80, which handles standard HTTP traffic. While this port works well in most cases, changing it can enhance security by making your server less predictable to potential attackers who commonly target well-known ports.

Checking Current Nginx Configuration

Before changing the Nginx port, it is important to verify that your current configuration is correct and identify where the port settings are located.

Step-by-Step Configuration Check

Follow these steps to check your current Nginx configuration ?

• Log in to your Linux server as root or a user with sudo privileges

• Open the main Nginx configuration file, typically located at /etc/nginx/nginx.conf

• Check for syntax errors by running the configuration test command

sudo nginx -t

If there are no syntax errors, you should see output similar to "nginx: configuration file /etc/nginx/nginx.conf test is successful". Any errors will be displayed in the terminal for you to address.

Understanding the Configuration Structure

The Nginx configuration file contains all settings related to server operation. The main configuration file is usually at /etc/nginx/nginx.conf, but individual site configurations are often stored in /etc/nginx/sites-available/ or /etc/nginx/conf.d/ directories.

The configuration structure uses blocks enclosed in curly braces {}, with each block serving specific purposes like defining HTTP servers, SSL configurations, or upstream connections.

Changing Nginx Port in Linux

Modifying the Port Configuration

To change the default Nginx port, you need to modify the listen directive in your server configuration. Open the configuration file with a text editor ?

sudo nano /etc/nginx/sites-available/default

Locate the line that specifies the current port ?

listen 80;

Change it to your desired port number. For example, to use port 8080 ?

listen 8080;

If you have SSL configured, you may also need to update the HTTPS port ?

listen 8443 ssl;

Applying the Configuration Changes

After modifying the configuration, test it for syntax errors and restart the Nginx service ?

sudo nginx -t
sudo systemctl restart nginx

Verify that Nginx is running on the new port ?

sudo netstat -tlnp | grep nginx

Testing the New Port Configuration

After changing the port, it's crucial to test that your web server is accessible through the new port before considering the change complete.

Testing Methods

Use these methods to verify your new port configuration ?

Using curl command ?

curl http://localhost:8080

Using telnet command ?

telnet localhost 8080

Using web browser ?

Navigate to http://your-domain.com:8080 or http://your-server-ip:8080

Common Issues and Troubleshooting

Additional Security Considerations

Configuring Firewall Rules

Update your firewall to allow traffic on the new port while blocking the old one if no longer needed ?

sudo ufw allow 8080/tcp
sudo ufw delete allow 80/tcp

Updating DNS and Load Balancer Settings

If you use DNS records that specify port numbers or have load balancers pointing to your server, update these configurations to reflect the new port. This ensures users can access your services without interruption.

SELinux Considerations

On systems with SELinux enabled, you may need to allow Nginx to bind to non-standard ports ?

sudo setsebool -P httpd_can_network_connect 1
sudo semanage port -a -t http_port_t -p tcp 8080

Conclusion

Changing the Nginx port in Linux is a straightforward security enhancement that involves modifying the listen directive in your configuration files. Remember to test your changes thoroughly, update firewall rules, and modify any dependent services or DNS records to ensure seamless operation on the new port.