The browser cannot access this website ERR_UNSAFE_PORT problem solution
1. Problem description
After visiting a specific website, there is a problem that the website cannot be accessed, the error code is ERR_UNSAFE_PORT, as shown in the following figure:
The following is what happens when you use the Chrome browser to access
the final error code ERR_UNSAFE_PORT, and the words "unsafe port" appear.
Here's what happens when you use the Firefox browser
to access this address with restricted access. This address uses a port that is normally used for purposes other than web browsing. For security reasons, Firefox cancels the request.
The word port also appeared.
Two, the cause of the problem
After analyzing the captured packets, no packets to access the server were captured, so it was found that the browser intercepted the request, which has nothing to do with the server. Why is this request being intercepted? The main reason is that the browser has its own protection mechanism, that is, the browser will disable some ports other than web browsing - non-safe ports.
Because the chorme browser has its own default non-secure ports, this error will occur if you access these ports, and all browsers using the chrome kernel will do so.
The default non-secure ports of Chrome browser are listed below to avoid stepping on pitfalls in the future.
The port number | The role of the port number |
---|---|
1 | tcpmux |
7 | echo |
9 | discard |
11 | systat |
13 | daytime |
15 | netstat |
17 | qotd |
19 | batches |
20 | ftp data |
21 | ftp access |
22 | ssh |
23 | telnet |
25 | smtp |
37 | time |
42 | name |
43 | nicname |
53 | domain |
77 | private rjs |
79 | finger |
87 | ttylink |
95 | supdup |
101 | hostriame |
102 | iso-tsap |
103 | gppitnp |
104 | acr-none |
109 | pop2 |
110 | pop3 |
111 | sunrpc |
113 | auth |
115 | sftp |
117 | uucp-path |
119 | nntp |
123 | NTP |
135 | loc-srv /epmap |
139 | netbios |
143 | imap2 |
179 | BGP |
389 | ldap |
465 | smtp+ssl |
512 | print / exec |
513 | login |
514 | shell |
515 | printer |
526 | tempo |
530 | courier |
531 | chat |
532 | netnews |
540 | uucp |
556 | remotefs |
563 | nntp+ssl |
587 | stmp(rfc-6409) |
601 | syslog-con(rfc-3195) |
636 | ldap+ssl |
993 | ldap+ssl |
995 | pop3+ssl |
2049 | nfs |
3659 | apple-sasl / PasswordServer |
4045 | lockd |
6000 | X11 |
6665 | Alternate IRC [Apple addition] |
6666 | Alternate IRC [Apple addition] |
6667 | Standard IRC [Apple addition] |
6668 | Alternate IRC [Apple addition] |
6669 | Alternate IRC [Apple addition] |
6697 | IRC+TLS |
3. Solutions
3.1 Solution 1 Modify the server access port number (recommended)
The best solution is to avoid the non-secure ports mentioned above. For example, you can change the port number for the server to access the web service. If there is no special requirement, you can change it to the default 80/443.
3.2 Solution 2 Modify browser settings
Remember, do not use the following method unless necessary.
3.2.1 Chrome browser
Close the browser -> Find the browser icon on the desktop -> Right-click to select Properties -> Add a space ±-explicitly-allowed-ports=10080 after [Target] (see configuration below) -> Click [Save] -> Double-click the icon, Reopen the browser.
--explicitly-allowed-ports=10080
3.2.2 Firefox browser
Open a new tab page -> enter about:config in the address bar -> click Enter -> search preferences network.security.ports.banned.override -> if not added, fill in the value 10080 -> save and restart the browser.
Click me to learn about this risk! A search box will appear at the top of the browser, and enter the following string
network.security.ports.banned.override
3.2.3 Edge browser
Official document: https://docs.microsoft.com/en-us/deployedge/microsoft-edge-policies#explicitlyallowednetworkports
Enter regedit in the search bar, press Enter to open the system registry, and enter Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge\ExplicitlyAllowedNetworkPorts. This path does not necessarily exist, and you can create it yourself. Then create a new string value named 1 in ExplicitlyAllowedNetworkPorts and modify its value to 10080. Finally, restart the browser and access the address with port 10080.
This article is over!