If you want to see if a port is open, you can use a linux utility like nmap. You might be able to get a windows binary too:
# nmap -Pn -p 443 xfinity.com
PORT STATE SERVICE 443/tcp open https
Open, would indicate the port is open and a service responds on it. Closed could mean a firewall isn't blocking it, but a service isn't running on it. Filtered would mean you got no response at all. Likely a firewall blocked it.
Only scan one port at a time. Many firewalls have denial of service and portscan protection. If you hit too many ports rapidly, they block the offending source. For how long? It's up to whatever runs the firewall.
If you are trying to scan YOUR IP address, you can use a phone hotspot or do it when you are offsite. There are web sites that will do this too that you can search for.
$ time nmap ---------- Starting Nmap 7.80 ( https://nmap.org ) at 2023-12-31 Nmap scan report for ----------- (xx.xx.xxx.xx) Host is up (0.27s latency). rDNS record for xx.xx.xxx.xx: -------------- Not shown: 997 filtered ports PORT STATE SERVICE 80/tcp open http 443/tcp closed https 8443/tcp open https-alt
A scan on just port 443 also showed the port was closed. This issue is recent as the port was working fine for a few months. Did xfinity change their policy on this port recently?
80 open and 443 closed on the same web server is likely a cert/configuration problem and you are unable to start the service on 443. Check your web server https log.
What's interesting is that 443 used to be open not too long ago. Blocking 443 but leaving port 80 open is a security risk so I'm not entirely sure I understand why make the decision to leave port 80 open but block 443. Also "a little extra" is about $250 more per month. So long as I'm not generating a ton of traffic, which in my case I wouldn't be because I simply want to host a website for my family and friends) I cannot fathom an valid reason as to why this port should be blocked other than Xfinity being Xfinity.
The original poster was using an Xfinity gateway. They are not configured locally, the configuration is stored offsite on Xfinity servers and they are configured with a phone app.
Have you checked the server's log to see why the service didn't start? Can you see if the port is open with sockstat? And if you don't know why port 8443 is open, or what service is running on it, you've got other issues. That's commonly exploited for SIP/video conference traffic, remote management for Orbi products, some Symantec products. It shouldn't be open unless you deliberately did it.
Closed with nmap, would infer your firewall isn't blocking it but the service isn't running.
flatlander3
Problem Solver
•
1.5K Messages
11 months ago
It isn't, but some ports are: https://www.xfinity.com/support/articles/list-of-blocked-ports
If you want to see if a port is open, you can use a linux utility like nmap. You might be able to get a windows binary too:
# nmap -Pn -p 443 xfinity.com
PORT STATE SERVICE
443/tcp open https
Open, would indicate the port is open and a service responds on it. Closed could mean a firewall isn't blocking it, but a service isn't running on it. Filtered would mean you got no response at all. Likely a firewall blocked it.
Only scan one port at a time. Many firewalls have denial of service and portscan protection. If you hit too many ports rapidly, they block the offending source. For how long? It's up to whatever runs the firewall.
If you are trying to scan YOUR IP address, you can use a phone hotspot or do it when you are offsite. There are web sites that will do this too that you can search for.
No Linux, just windows? No problem. Try installing WSL on windows (windows system linux): https://learn.microsoft.com/en-us/windows/wsl/install Openssl should be there by default. You can get nmap with:
# sudo apt-get update
# sudo apt-get install nmap
(edited)
0
0
CCJodie
Problem Solver
•
1.3K Messages
11 months ago
@user_tq5vzw Hello, did @flatlander3's reply help with your question?
0
0
Rinsing
5 Messages
10 months ago
I'm having this issue as well. Port 443 does not work but port 80 and even port 8443 work. Somethings funky with 443 on the Xfinity network.
2
user_3vyhkq
2 Messages
10 months ago
I'm also having an issue with port 443.
an nmap scan shows:
A scan on just port 443 also showed the port was closed. This issue is recent as the port was working fine for a few months. Did xfinity change their policy on this port recently?
2
0
user_3vyhkq
2 Messages
10 months ago
I've read that sometimes 443 will be blocked for residential users and that to unblock it you need to pay a little extra for a business connection.
2
0