Is HTTP Port 80 required for vSphere ESX or can it be disabled?
search cancel

Is HTTP Port 80 required for vSphere ESX or can it be disabled?

book

Article ID: 415427

calendar_today

Updated On:

Products

VMware vSphere ESX 8.x VMware vSphere ESX 7.x

Issue/Introduction

Some administrators may consider disabling HTTP (port 80) on ESX (formerly called ESXi) hosts as part of a security hardening strategy, especially if HTTPS (port 443) is intended to be exclusively used. However, port 80 is required for several ESX services and redirect functionality. Disabling it can result in broken access to the host UI and other unexpected service disruptions.

The Ports and Protocols (vSphere) page shows the services which utilize TCP/UDP port 80 and if it is required for Incoming or Outgoing traffic or both (Bidirectional). 

Example of some of the Port 80 data as shown on the site:

Resolution

  • Do not disable port 80 on ESX (formerly called ESXi) hosts.
  • If security hardening is required, use ESX's firewall to restrict access to port 80 to trusted IP ranges.
  • For a complete and up-to-date list of required ports across VMware products, refer to VMware Ports and Protocols
 
Powered by Wolken Software