Web Application Firewall (WAF) protects services on both standard and non-standard ports. Standard ports are 80, 8080, 443, and 8443. WAF forwards traffic to the origin server only on the ports you specify when adding a website—traffic on unspecified ports is not forwarded.
Port support by edition
The ports available to a WAF instance depend on the edition and the access mode (transparent proxy or CNAME record).
Transparent proxy mode
WAF instances in transparent proxy mode support any non-standard port in the range 0–65535.
The number of traffic redirection ports supported in transparent proxy mode is limited. For details, see Transparent proxy mode.
CNAME record mode
Only subscription WAF instances of the Business, Enterprise, or Exclusive edition support non-standard ports in CNAME record mode. The following table shows the ports supported by each edition.
The ports listed in the console take precedence. To view the latest supported ports for your instance, see View supported ports in the console.
| Edition | Max ports per instance | Standard HTTP ports | Standard HTTPS ports | Non-standard HTTP ports | Non-standard HTTPS ports |
|---|---|---|---|---|---|
| Pro | 4 | 80, 8080 | 443, 8443 | Not supported | Not supported |
| Business | 30 (standard + non-standard combined) | 80, 8080 | 443, 8443 | 81, 82, 83, 84, 86, 87, 88, 89, 97, 800, 808, 1000, 1090, 3333, 3501, 3601, 5000, 5222, 6001, 6666, 7000, 7001, 7002, 7003, 7004, 7005, 7006, 7009, 7010, 7011, 7012, 7013, 7014, 7015, 7016, 7018, 7019, 7020, 7021, 7022, 7023, 7024, 7025, 7026, 7070, 7071, 7081, 7082, 7083, 7088, 7097, 7510, 7777, 7800, 8000, 8001, 8002, 8003, 8008, 8009, 8020, 8021, 8022, 8025, 8026, 8077, 8078, 8081, 8082, 8083, 8084, 8085, 8086, 8087, 8088, 8089, 8090, 8091, 8106, 8181, 8334, 8336, 8686, 8800, 8888, 8889, 8999, 9000, 9001, 9002, 9003, 9021, 9023, 9027, 9037, 9080, 9081, 9082, 9180, 9200, 9201, 9205, 9207, 9208, 9209, 9210, 9211, 9212, 9213, 9898, 9908, 9916, 9918, 9919, 9928, 9929, 9939, 9999, 10000, 10001, 10080, 12601, 28080, 33702, 48800* | 4443, 5443, 6443, 7443, 8553, 8663, 9443, 9553, 9663, 18980* |
| Enterprise | 50 (standard + non-standard combined) | 80, 8080 | 443, 8443 | Same as Business edition | Same as Business edition |
| Exclusive (unavailable for purchase) | 50 (standard + non-standard combined) | 80, 8080 | 443, 8443 | All non-standard ports in the range 0–65535, except system ports: 22, 53, 4431, 4646, 4985, 4986, 4987, 6060, 8301, 8600, 9100, 15001, and 56688 | All non-standard ports in the range 0–65535 (same exclusions apply) |
\* Ports 48800 (HTTP) and 18980 (HTTPS) are supported only by WAF instances deployed in the Chinese mainland. Instances deployed outside the Chinese mainland do not support these ports.
View supported ports in the console
Log on to the WAF console and go to the Website Configuration page.
Find the domain name to manage and click Edit in the Actions column.
In the Edit Domain Name panel, locate the HTTP Port section and click View Port Range.
For details on specifying ports when adding a website, see Specify ports.
If your port is not supported
If your service uses a port that is not in the supported list for your current edition, you have two options:
Upgrade to a higher edition: Business and Enterprise editions support a broader range of non-standard ports. The Exclusive edition supports all non-standard ports in the range 0–65535 (excluding reserved system ports).
Use transparent proxy mode: Transparent proxy mode supports any non-standard port in the range 0–65535. For details, see Transparent proxy mode.