如何更改linux下的apache端口号

一、修改

/etc/httpd/conf/httpd.conf

文件中的监听端口号

Listen 80

把

80

修改成需要的号，如

8000

，即

Listen 8000

二、查看

SELinux

下

http

相关端口

# semanage port -l|grep http

http_cache_port_t tcp 3128, 8080, 8118, 10001-10010

http_cache_port_t udp 3130

http_port_t tcp 80, 443, 488, 8008, 8009, 8443

pegasus_http_port_t tcp 5988

pegasus_https_port_t tcp 5989

发现

8000

不在其范围之内，所以需要另外添加，方法如下：

# semanage port -a -t http_port_t -p tcp 8000

再次查看，

# semanage port -l|grep http

http_cache_port_t tcp 3128, 8080, 8118, 10001-10010

http_cache_port_t udp 3130

http_port_t tcp 8000, 80, 443, 488, 8008, 8009, 8443

pegasus_http_port_t tcp 5988

pegasus_https_port_t tcp 5989

三、在防火墙中开放新添加的端口

修改

/etc/sysconfig/iptables

文件，在文件中添加如一行：

-A INPUT -m state --state NEW -m tcp -p tcp --dport 8008 -j ACCEPT

2

四、重启防火墙和

Apache

# service iptables restart

# service httpd restart

五、正常情况下，应该可以通过新端口访问

WEB

服务了。

注：

1

、第二、三、四步骤是在系统已经开启

SELinux

和防火墙的情况下设置的，如果已经关闭此两

个服务，修改端口后直接重启

Apache

即可；

2

、修改的端口号可以是执行

#semanage port -l|grep http

后，默认已经有的端口，如

8443

，这样

可以省略额外添加

SELinux

端口 *** 作；

3

、第三步 *** 作可以图形界面下完成。

参考资料

1

、

Permission denied: make_sock: could not bind to address

http://emmune.blogspot.com/2009/07/permission-denied-makesock-could-not.html

不熟悉

python

、

plone

、

zope

，想用

apache

。

80

端口已经不在，就征用

81

端口凑合吧。修改

httpd.conf

后

apachectl start

，结果：

(13)Permission denied: make_sock: could not bind to address [::]:81

(13)Permission denied: make_sock: could not bind to address 0.0.0.0:81

查一下

SELinux

下

http

相关端口

semanage port -l|grep http

，结果：

http_cache_port_t tcp 3128, 8080, 8118, 10001-10010

http_cache_port_t udp 3130

http_port_t tcp 80, 443, 488, 8008, 8009, 8443

pegasus_http_port_t tcp 5988

pegasus_https_port_t tcp 5989

直接用

man semanage

最后例子中的一句

# Allow Apache to listen on port 81

semanage port -a -t http_port_t -p tcp 81

3

然后再

apachectl start

，

OK

。使用域名

:81

能够访问啦。

注：

semanage

semanage is used to configure certain elements of SELinux policy without requiring modification

to or recompilation from policy sources. This includes the mapping from Linux usernames to

SELinux user identities (which controls the initial security context assigned to Linux users when

they login and bounds their authorized role set) as well as security context mappings for various

kinds of objects, such as network ports, interfaces, and nodes(hosts) as well as the file context

mapping. See the EXAMPLES section below for some examples of common usage. Note that

the semanage login command deals with the mapping from Linux usernames (logins) to

SELinux user identities, while the semanage user command deals with the mapping from

SELinux user identities to authorized role sets. In most cases, only the former mapping needs to

be adjusted by the administratorthe latter is principally defined by the base policy and usually

does not require modification.

2

、

linux

下

apche

无法监听端口解决办法

http://www.zzxj.net/blog/fxs_2008/archive/2010/07/05/187.html

想建立一个测试用的虚拟主机，遇到了这个问题：

[root@localhost html]# service httpd start

Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using

localhost.termwikidev for ServerName

(13)Permission denied: make_sock: could not bind to address [::]:81

(13)Permission denied: make_sock: could not bind to address 0.0.0.0:81

no listening sockets available, shutting down

Unable to open logs

解决办法：

semanage port -l|grep http

semanage port -a -t http_port_t -p tcp 81

这个两个命令一是查看，一个是添加，添加完再查看一遍，如果有

81

，则成功。另可能要以

root

用户运行。

此外，如果要外网访问，还要打开

linux

的防火墙：

4

[root@localhost html]# vim /etc/sysconfig/iptables

[root@localhost html]# service iptables restart

重启

apache.

相关资料：

starting httpd 13 permission denied make_sock could not bind to address2010

年

01

月

19

日

星

期二

11:33In Fedora Core 5/6 and RHEL 5. We have made it easier to customize certain

common parts of SELinux. In previous releases of SELinux if you wanted to change simple

things like which port a daemon could listen to, you would need to write policy. Now we have the

semanage utility.

SELinux assigns types to all network ports on a system. By default all ports are less then 1024

are labeled reserved_port_t and all ports >1024 are labeled port_t. If a port is assigned to a

particular type

say the http port 80, it has an assigned type of http_port_t. If you want to look at all the assigned

ports in SELinux, you can use the semanage tool, semanage port -l.

So if you executed

semanage port -l | grep http

http_cache_port_t tcp 3128, 8080, 8118

http_cache_port_t udp 3130

http_port_t tcp 80, 443, 488, 8008, 8009, 8443

pegasus_http_port_t tcp 5988

pegasus_https_port_t tcp 5989

Here we see http_port_t is assigned to ports 80, 443, 488, 8008, 8009, 8443

The policy is written to allow httpd_t http_port_t:tcp_socket name_bind

This means the apache command can "bind" to an port that is labeled http_port_t.

So lets say you want to run httpd on port 81.

So you edit /etc/httpd/http.conf

and change this line

Listen 80

to

Listen 81

Now restart the daemon.

service httpd restart

Stopping httpd: [ OK ]

Starting httpd: (13)Permission denied: make_sock: could not bind to address [::]:81

(13)Permission denied: make_sock: could not bind to address 0.0.0.0:81

no listening sockets available, shutting down

Unable to open logs

[FAILED]

Now the daemon fails to start because it can not bind to port 81.

This generates an AVC that looks like

----

time->Tue Dec 12 17:37:49 2006

type=SYSCALL msg=audit(1165963069.248:852): arch=40000003 syscall=102 success=no

exit=-13 a0=2 a1=bf96a830 a2=b5b1e8 a3=9e58b68 items=0 ppid=21133 pid=21134

auid=3267 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts10 comm="httpd"

exe="/usr/sbin/httpd" subj=user_u:system_r:httpd_t:s0 key=(null)

type=AVC msg=audit(1165963069.248:852): avc: denied { name_bind } for pid=21134

comm="httpd" src=81 scontext=user_u:system_r:httpd_t:s0

tcontext=system_u:object_r:reserved_port_t:s0 tclass=tcp_socket

To fix this you can use semanage to add the port

semanage port -a -t http_port_t -p tcp 81

Apache的端口号是在其目录下的 httpd.conf　这个文件中设置的。

Apache是跨平台的软件，在linux/windows/unix下都有相应的版本。

找到apache目录下的　httpd.conf, 使用vi　打开，找到　port=80 这一行，　把80改成在此服务器上没有用到的端口号，保存退出。

然后重新启动apache进程即可。

如果你用rpm包安装的apache，那么你的主配置文件应该是在/etc/httpd/conf/httpd.conf这里；

如果你用tar包安装的apache，那么应该在你apache安装目录下的conf/httpd.conf这里；

如果apache是在/usr/local/apache2安装的，那么主配置文件就在/usr/local/apache2/conf/httpd.conf这里.