Web Application Firewall (WAF) protects services that use standard ports and non-standard ports. The standard ports are 80, 8080, 443, and 8443. The non-standard ports must be supported by WAF. You can specify non-standard ports for the origin server when you configure WAF for your website. WAF receives and forwards traffic on the ports that you specify.

Background information

After you configure WAF for your website, WAF forwards traffic to the origin server only on the specified ports. WAF does not forward traffic on the ports that are not specified.

Precautions

WAF protects services that use standard ports or non-standard ports. The number of ports that are supported and the range of non-standard ports that are supported by a WAF instance vary based on the WAF edition that is used. For more information, see Ports supported by each WAF edition. Take note of the following items:
  • The maximum number of ports that a WAF instance supports is the total number of standard and non-standard ports that the instance supports.
  • You can use all the non-standard ports only when you use a WAF instance of the Exclusive edition.In other cases, you can use only the non-standard ports that are supported by WAF.

View the supported ports in the WAF console

You can view the supported ports in the WAF console.
  1. In the left-side navigation pane of the WAF console, choose Asset Center > Website Access.
  2. Find the domain name for which you want to specify ports and click Edit in the Actions column.
  3. On the Edit page, find the Destination Server Port section, click Customize, and then enter port numbers based on your business requirements.

For more information, see Configure ports.

Ports supported by each WAF edition

Only subscription WAF instances of the Business edition or higher allow you to specify non-standard ports. The following table lists the ports that are supported by each WAF edition. The supported ports in the console shall prevail. For more information about how to view the supported ports in the console, see Configure ports.
WAF edition Maximum number of ports supported by each WAF instance Supported standard port (default) Supported non-standard port (custom)
Pro 4
  • HTTP ports: 80 and 8080
  • HTTPS ports: 443 and 8443
Not supported.
Business 10 (This is the total number of standard ports and non-standard ports.)
  • HTTP ports: 80 and 8080
  • HTTPS ports: 443 and 8443
  • HTTP ports:
    81, 82, 83, 84, 86, 87, 88, 89, 97, 800, 808, 1000, 1090, 3333, 3501, 3601, 5000, 5222, 6001, 6666, 7000, 7001, 7002, 7003, 7004, 7005, 7006, 7009, 7010, 7011, 7012, 7013, 7014, 7015, 7016, 7018, 7019, 7020, 7021, 7022, 7023, 7024, 7025, 7026, 7070, 7071, 7081, 7082, 7083, 7088, 7097, 7510, 7777, 7800, 8000, 8001, 8002, 8003, 8008, 8009, 8020, 8021, 8022, 8025, 8026, 8077, 8078, 8081, 8082, 8083, 8084, 8085, 8086, 8087, 8088, 8089, 8090, 8091, 8106, 8181, 8334, 8336, 8686, 8800, 8888, 8889, 8999, 9000, 9001, 9002, 9003, 9021, 9023, 9027, 9037, 9080, 9081, 9082, 9180, 9200, 9201, 9205, 9207, 9208, 9209, 9210, 9211, 9212, 9213, 9898, 9908, 9916, 9918, 9919, 9928, 9929, 9939, 9999, 10000, 10001, 10080, 12601, 28080, 33702, and 48800
    Notice Only WAF instances that are deployed in mainland China support port 48800.
  • HTTPS ports:
    4443, 5443, 6443, 7443, 8553, 8663, 9443, 9553, 9663, and 18980
    Notice Only WAF instances that are deployed in mainland China support port 18980.
Enterprise 50 (This is the total number of standard ports and non-standard ports.)
  • HTTP ports: 80 and 8080
  • HTTPS ports: 443 and 8443
  • HTTP ports:
    81, 82, 83, 84, 86, 87, 88, 89, 97, 800, 808, 1000, 1090, 3333, 3501, 3601, 5000, 5222, 6001, 6666, 7000, 7001, 7002, 7003, 7004, 7005, 7006, 7009, 7010, 7011, 7012, 7013, 7014, 7015, 7016, 7018, 7019, 7020, 7021, 7022, 7023, 7024, 7025, 7026, 7070, 7071, 7081, 7082, 7083, 7088, 7097, 7510, 7777, 7800, 8000, 8001, 8002, 8003, 8008, 8009, 8020, 8021, 8022, 8025, 8026, 8077, 8078, 8081, 8082, 8083, 8084, 8085, 8086, 8087, 8088, 8089, 8090, 8091, 8106, 8181, 8334, 8336, 8686, 8800, 8888, 8889, 8999, 9000, 9001, 9002, 9003, 9021, 9023, 9027, 9037, 9080, 9081, 9082, 9180, 9200, 9201, 9205, 9207, 9208, 9209, 9210, 9211, 9212, 9213, 9898, 9908, 9916, 9918, 9919, 9928, 9929, 9939, 9999, 10000, 10001, 10080, 12601, 28080, 33702, and 48800
    Notice Only WAF instances that are deployed in mainland China support port 48800.
  • HTTPS ports:
    4443, 5443, 6443, 7443, 8553, 8663, 9443, 9553, 9663, and 18980
    Notice Only WAF instances that are deployed in mainland China support port 18980.
Exclusive edition 50 (This is the total number of standard ports and non-standard ports.)
  • HTTP ports: 80 and 8080
  • HTTPS ports: 443 and 8443
All the non-standard ports in the range of 0 to 65535, excluding specific system ports. The system ports include ports 22, 53, 4431, 4646, 4985, 4986, 4987, 6060, 8301, 8600, 9100, 15001, and 56688.

References

If my website receives requests over an unconfigured port, is the origin server threatened?

Does WAF support custom ports?

What do I do if services on non-standard ports cannot be added to WAF of the Pro edition?