[Exception resolution] The browser cannot access this website ERR_UNSAFE_PORT/The web page may not be able to connect, or it has been permanently moved to a new URL problem solution

1. Problem description

After visiting a specific website, there is a problem that the website cannot be accessed, the error code is ERR_UNSAFE_PORT, as shown in the following figure:

The following is what happens when you use the Chrome browser to access
the final error code ERR_UNSAFE_PORT, and the words "unsafe port" appear.

Here's what happens when you use the Firefox browser
to access this address with restricted access. This address uses a port that is normally used for purposes other than web browsing. For security reasons, Firefox cancels the request.

The word port also appeared.

Two, the cause of the problem

After analyzing the captured packets, no packets to access the server were captured, so it was found that the browser intercepted the request, which has nothing to do with the server. Why is this request being intercepted? The main reason is that the browser has its own protection mechanism, that is, the browser will disable some ports other than web browsing - non-safe ports.

Because the chorme browser has its own default non-secure ports, this error will occur if you access these ports, and all browsers using the chrome kernel will do so.

The default non-secure ports of Chrome browser are listed below to avoid stepping on pitfalls in the future.

The port number	The role of the port number
1	tcpmux
7	echo
9	discard
11	systat
13	daytime
15	netstat
17	qotd
19	batches
20	ftp data
21	ftp access
22	ssh
23	telnet
25	smtp
37	time
42	name
43	nicname
53	domain
77	private rjs
79	finger
87	ttylink
95	supdup
101	hostriame
102	iso-tsap
103	gppitnp
104	acr-none
109	pop2
110	pop3
111	sunrpc
113	auth
115	sftp
117	uucp-path
119	nntp
123	NTP
135	loc-srv /epmap
139	netbios
143	imap2
179	BGP
389	ldap
465	smtp+ssl
512	print / exec
513	login
514	shell
515	printer
526	tempo
530	courier
531	chat
532	netnews
540	uucp
556	remotefs
563	nntp+ssl
587	stmp(rfc-6409)
601	syslog-con(rfc-3195)
636	ldap+ssl
993	ldap+ssl
995	pop3+ssl
2049	nfs
3659	apple-sasl / PasswordServer
4045	lockd
6000	X11
6665	Alternate IRC [Apple addition]
6666	Alternate IRC [Apple addition]
6667	Standard IRC [Apple addition]
6668	Alternate IRC [Apple addition]
6669	Alternate IRC [Apple addition]
6697	IRC+TLS

3. Solutions

3.1 Solution 1 Modify the server access port number (recommended)

The best solution is to avoid the non-secure ports mentioned above. For example, you can change the port number for the server to access the web service. If there is no special requirement, you can change it to the default 80/443.

3.2 Solution 2 Modify browser settings

Remember, do not use the following method unless necessary.

3.2.1 Chrome browser

Close the browser -> Find the browser icon on the desktop -> Right-click to select Properties -> Add a space ±-explicitly-allowed-ports=10080 after [Target] (see configuration below) -> Click [Save] -> Double-click the icon, Reopen the browser.

--explicitly-allowed-ports=10080

3.2.2 Firefox browser

Open a new tab page -> enter about:config in the address bar -> click Enter -> search preferences network.security.ports.banned.override -> if not added, fill in the value 10080 -> save and restart the browser.

Click me to learn about this risk! A search box will appear at the top of the browser, and enter the following string

network.security.ports.banned.override

3.2.3 Edge browser

Official document: https://docs.microsoft.com/en-us/deployedge/microsoft-edge-policies#explicitlyallowednetworkports

Enter regedit in the search bar, press Enter to open the system registry, and enter Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge\ExplicitlyAllowedNetworkPorts. This path does not necessarily exist, and you can create it yourself. Then create a new string value named 1 in ExplicitlyAllowedNetworkPorts and modify its value to 10080. Finally, restart the browser and access the address with port 10080.

This article is over!