ERR_UNSAFE_PORT Solution to access failures caused by browser security problems
First, problem phenomenon
After the WEB HTTPS server is configured, ERR_UNSAFE_PORT cannot be accessed using a browser, as shown in the following figure.
After packet capture analysis, no packet accessing the server is captured. The request is automatically blocked by the browser protection mechanism, which has nothing to do with the server.
Second, the browser mechanism
Because the Chorme browser has its own default insecure ports, this error occurs when accessing these ports, and it happens to all browsers with the Chorme kernel.
Third, solutions
You can start by changing the port number through which the server accesses the Web service, or the default 80/443 if not specifically required. It is not necessary to perform the following operations.
1.Google Chrome
Close the browser, locate the browser icon on the desktop, right-click properties, and add space +– minority-allot-ports =10080 to target (see the following configuration). Click Save, and double-click the icon to open the browser again.
--explicitly-allowed-ports=10080
Copy the code
2. The Firefox browser
Open a new TAB – > address bar enter about: config search preferences – > click on the enter – > network. Security. Ports. Banned. The override – > if not add, fill the value with 10080 – > save after restart your browser.
network.security.ports.banned.override
Copy the code
3. The Edge browser
In the search bar enter regedit and press enter to open the system registry, enter the computer \ HKEY_LOCAL_MACHINE \ SOFTWARE \ Policies \ Microsoft \ Edge \ ExplicitlyAllowedNetworkPorts, This path may not exist. You can create it yourself. Then in ExplicitlyAllowedNetworkPorts to create a new name for the string value of 1, modify its value is 10080. Finally, restart the browser and access the address of port 10080.
Official documentation: docs.microsoft.com/en-us/deplo…
4. Partial list of insecure ports
Chrome has a list of insecure ports by default. Although the above method can solve the problem, it is recommended to avoid the following ports:
1, // tcpmux
7, // echo
9, // discard
11, // systat
13, // daytime
15, // netstat
17, // qotd
19, // chargen
20, // ftp data
21, // ftp access
22, // ssh
23, // telnet
25, // smtp
37, // time
42, // name
43, // nicname
53, // domain
77, // priv-rjs
79, // finger
87, // ttylink
95, // supdup
101, // hostriame
102, // iso-tsap
103, // gppitnp
104, // acr-nema
109, // pop2
110, // pop3
111, // sunrpc
113, // auth
115, // sftp
117, // uucp-path
119, // nntp
123, // NTP
135, // loc-srv /epmap
139, // netbios
143, // imap2
179, // BGP
389, // ldap
465, // smtp+ssl
512, // print / exec
513, // login
514, // shell
515, // printer
526, // tempo
530, // courier
531, // chat
532, // netnews
540, // uucp
556, // remotefs
563, // nntp+ssl
587, // stmp?
601, // ??
636, // ldap+ssl
993, // ldap+ssl
995, // pop3+ssl
2049, // nfs
3659, // apple-sasl / PasswordServer
4045, // lockd
6000, // X11
6665, // Alternate IRC
6666, // Alternate IRC
6667, // Standard IRC
6668, // Alternate IRC
6669, // Alternate IRC
Copy the code