Problem: Nginx keeps listening on port 80 after trying to change the site’s port

AlYa · October 1, 2025, 3:42pm

Hi everyone,
I’m using a web server with Hestia Control Panel v1.9.4 (nginx, php-fpm) on Ubuntu 22.

I needed to put Caddy in front of nginx (the reason doesn’t matter for now), and Caddy requires port 80 to function properly.

I thought this would be simple:

Find all *.conf files containing a listen directive, locate port 80, and change it to another port.
I checked all files under /etc/nginx/... and /home/admin/conf/... and found this file:
/home/admin/conf/web/domain.com/nginx.conf. It contained listen 80, so I changed it and restarted nginx.

But nothing changed!

sudo ss -tulpn | grep -E ':(80)'
tcp   LISTEN 0      511 0.0.0.0:80 0.0.0.0:* users:(("nginx",pid=2004701,fd=10),("nginx",pid=2003258,fd=10))

If I nginx stop, port 80 stops listening. If I start nginx, port 80 is listening again.

I’ve checked all included files and the entire filesystem for listen directives—nowhere else is port 80 defined!

How is this possible? I’m getting frustrated and decided to ask here.

sahsanu · October 1, 2025, 3:58pm

Hi,

grep -RE 'listen.*:80(\s{1,}|;)' /etc/nginx/

But you should change the variables WEB_PORT and WEB_SSL_PORT:

v-change-sys-config-value WEB_PORT HereTheNewPort
v-change-sys-config-value WEB_SSL_PORT HereTheNewPort

And rebuild all the web and mail domains for all your users.

AlYa · October 1, 2025, 4:08pm

grep -RE ‘listen.*:80(\s{1,}|;)’ /etc/nginx/
As expected, it returned nothing—empty.

This didn’t help:
v-change-sys-config-value WEB_PORT 8083

I applied it and rebooted the entire server… and still:
LISTEN 0 511 0.0.0.0:80 0.0.0.0:* users:((“nginx”,pid=742,fd=10),(“nginx”,pid=738,fd=10))

sahsanu · October 1, 2025, 4:17pm

That’s strange.

Did you rebuild all the mail and web domains?

lsof -p 742
lsof -p 738

AlYa · October 1, 2025, 7:01pm

Some strange behavior… If I specify port 80 (default) in /home/admin/conf/web/domain.com/nginx.conf:

server {
    listen      172.16.16.15:80;
    ...
}

Then the listening ports look like this:

ss -ltnp | grep :8
LISTEN    0         511                0.0.0.0:8091             0.0.0.0:*        users:(("hestia-nginx",pid=761,fd=6),("hestia-nginx",pid=751,fd=6))
LISTEN    0         511                0.0.0.0:80               0.0.0.0:*        users:(("nginx",pid=151090,fd=10),("nginx",pid=151089,fd=10))

If in the same file I change 80 to 8089 (for example), a new 8089 port appears in the list, but 80 remains:

server {
    listen      172.16.16.15:8089;
    ...
}

ss -ltnp | grep :8
LISTEN    0         511           172.16.16.15:8089             0.0.0.0:*        users:(("nginx",pid=151311,fd=11),("nginx",pid=151309,fd=11))
LISTEN    0         511                0.0.0.0:8091             0.0.0.0:*        users:(("hestia-nginx",pid=761,fd=6),("hestia-nginx",pid=751,fd=6))
LISTEN    0         511                0.0.0.0:80               0.0.0.0:*        users:(("nginx",pid=151311,fd=10),("nginx",pid=151309,fd=10))

This seems to be related to Hestia somehow, maybe internal tasks, SSL, or something else… but I’m not sure.

sahsanu · October 1, 2025, 8:01pm

If it remains, it’s because there is some listen directive listening on port 80 too.

Show the output of these commands:

 grep -R 'listen.*80' /etc/nginx
 grep -r 'include' /etc/nginx