An attempt was made to access a socket in a way forbidden by its access permissions

Question

I have a website on HostGator and a dedicated server of my own running SQL Server 2008R2. The connection string I use is X.X.X.X,1433 which points to the IP address of my dedicated server. I have made the firewall settings on my server so that I can use SSMS & log into SQL Server from my home PC.

Having done that, I was under the impression that connecting to SQL from my hostGator hosted-site would work just fine. I receive the following error:

A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: TCP Provider, error: 0 - An attempt was made to access a socket in a way forbidden by its access permissions.)

I have looked up this error and found many explanations, but not one dealing with my circumstances. My server is running Windows 2008 w/IIS 7.5. I was assured by HostGator tech support that there would be no problems from their end.]]

My firewall allows TCP port 1433, & the UDP port 1434 for the SQL Server Browser service.

Since I have a dedicated server, I have no one to ask this question to from my hosting company.

I got the "...socket...forbidden..." error trying to start a localhost site via the dotnet run command. Turns out I just forgot there was already a "Start without debugging" session going from Visual Studio that I'd forgotten about. Derp. — bubbleking, Oct 15 '20 at 18:50
For me, I changed the port being used to host the web server in my application. My application was using a custom port # 8000 to host the web sever. I changed it to 8081 and it started to work again. I've no idea what went wrong all of a sudden due to which I had started facing this error. — RBT, Apr 24 '21 at 04:25
So imo better solution to this problem than presented here, see the answer by @Echoldman to [Ports are not available: listen tcp 0.0.0.0/50070: bind: An attempt was made to access a socket in a way forbidden by its access permissions](https://stackoverflow.com/q/65272764/850848#72187332). — Martin Prikryl, Sep 15 '22 at 09:02

score 74 · Answer 1 · answered Dec 03 '19 at 21:14

74

I had a similar issue with Docker for Windows and Hyper-V having reserved ports for its own use- in my case, it was port 3001 that couldn't be accessed.

The port wasn't be used by another process- running netstat -ano | findstr 3001 in an Administrator Powershell prompt showed nothing.
However, netsh interface ipv4 show excludedportrange protocol=tcp showed that the port was in one of the exclusion ranges.

I was able to follow the solution described in Docker for Windows issue #3171 (Unable to bind ports: Docker-for-Windows & Hyper-V excluding but not using important port ranges):

Disable Hyper-V:

dism.exe /Online /Disable-Feature:Microsoft-Hyper-V

After the required restarts, reserve the port you want so Hyper-V doesn't reserve it back:
```
netsh int ipv4 add excludedportrange protocol=tcp startport=3001 numberofports=1
```

Reenable Hyper-V:

dism.exe /Online /Enable-Feature:Microsoft-Hyper-V /All

After this, I was able to start my docker container.

answered Dec 03 '19 at 21:14

tessafyi

2,273
2
19
28

3

This worked only when my hyper-v was disabled, as soon as I turned on hyper-v again, I started getting the same error. Running this in admin pwsh worked for me ```Restart-Service hns -f ``` – AbhiAbzs May 06 '21 at 09:39
2

[One particular solution](https://github.com/docker/for-win/issues/3171#issuecomment-750779531) in the linked Github issue worked for me without worrying about specific ports: `net stop winnat`. – ladenedge May 13 '21 at 17:10
@AbhiAbzs that command worked for me too but I had to run it twice. I had issues with 3 ports, the first run of the command fixed 2 of them and the second run fixed the rest. I observed that the exclusion ranges changes per restart. Before anyone thinks this command doesn't work for them, ensure to run the command below to see the exclusion range after restart. ```netsh interface ipv4 show excludedportrange protocol=tcp``` – Yusuff Sodiq Mar 14 '22 at 17:42

Neos Santos · Answer 2 · 2021-10-08T06:04:11.973

32

Just Restart-Service hns can change the ports occupied by Hyper-V. It might release the port you need.

edited Oct 08 '21 at 06:04

answered Nov 16 '20 at 03:29

Neos Santos

456
7
8

Easy & effective solution for me. – sfuqua Jun 18 '21 at 22:01
So simple and effective, thanks! – Chrissy LeMaire Dec 14 '21 at 12:43
Thanks! -- It worked for me but I had to add " -force" to make it work. – HumbleBeginnings Aug 23 '22 at 20:35

score 19 · Answer 3 · answered Mar 26 '13 at 02:04

19

Per this link:

the symptom could occur if the replication service tries to use the ports that occupied by others, or by a malfunction NIC. Please try the following steps:

Restart the windows firewall service
Reboot the problematic machine
Restart the “TCP/IP stack”. Run CMD as administrator, type “netsh int ip reset resetlog.txt” to reset TCP/IP.
Try to temporarily disable antivirus.

answered Mar 26 '13 at 02:04

Jason Carter

915
6
15

Sorry for the delayed response @Jason...Found this link: support.microsoft.com/kb/968872?wa=wsignin1.0 and used the accompanying instructions to re-do the firewall settings on my server. Now, thankfully, it's working! – Jerry Apr 01 '13 at 14:11
5

McAfee antivirus blocks port 25 by default, "to prevent mass mail attacks". – RugerSR9 Feb 13 '17 at 19:20
Bitdefender also blocked the port in question – Antfish Jun 08 '17 at 19:55
@RugerSR9; you are right. I had to add Databasemail.exe (for SQL Server 2016) to the exclude list to get mails to go out. Thank you for posting. – Henrik Staun Poulsen Aug 22 '17 at 10:28
Thanks mate. For me, running only step no. 3 and restarting my machine worked. – Timothy Macharia Mar 15 '21 at 20:47

score 8 · Answer 4 · answered Jul 27 '17 at 15:48

Not surprisingly, this error can arise when another process is listening on the desired port. This happened today when I started an instance of the Apache Web server, listening on its default port (80), having forgotten that I already had IIS 7 running, and listening on that port. This is well explained in Port 80 is being used by SYSTEM (PID 4), what is that? Better yet, that article points to Stop http.sys from listening on port 80 in Windows, which explains a very simple way to resolve it, with just a tad of help from an elevated command prompt and a one-line edit of my hosts file.

score 4 · Answer 5 · answered Jun 29 '17 at 12:35

4

My windows firewall was blocking port 8080 so i changed it to 5000 and it worked!

answered Jun 29 '17 at 12:35

bmacharia

1,026
10
12

score 2 · Answer 6 · answered Dec 12 '17 at 03:37

2

As per https://stackoverflow.com/a/33859341/446250, having internet connection sharing enabled for my ethernet adapter ended up causing this problem for me. Disabling the sharing fixed the problem

answered Dec 12 '17 at 03:37

kellpossible

663
1
8
19

1

This also applies if you are using Hyper-v and have the Hyper-V bridge enabled. Note that a reboot is required after disabling the bridge. – AJ Henderson Mar 19 '19 at 16:41

score 1 · Answer 7 · answered Oct 14 '19 at 21:35

My situation and solution: I had created and enabled a HyperV ethernet adapter. For some reason, my main windows machine was using the "virtual" ethernet adapter instead of the 'hardware' adapter.

I disabled the virtual ethernet and my network settings to change the network public/privacy settings were revealed.

score 0 · Answer 8 · answered Oct 25 '16 at 10:43

0

If You need to access SQL server on hostgator remotely using SSMS, you need to white list your IP in hostgator. Usually it takes 1 hour to open port for the whitelisted IP

answered Oct 25 '16 at 10:43

Abdul Wahid

1
1

JustBeingHelpful · Answer 9 · 2021-03-02T12:54:07.677

For others who get this error but have a slightly different cause, you can do the following to troubleshoot. Open a text editor by right clicking and choosing Run As Administrator. Open C:\Program Files\pgAdmin 4\v4\web\pgAdmin4.py and add one line of code without anything else. The output will be drastically different and helpful. You can find the error in the system tray > pgAdmin > View Log.

import traceback # <--- add this line too.
try:
    app.run(
        host=config.DEFAULT_SERVER,
        port=config.EFFECTIVE_SERVER_PORT,
        use_reloader=(
            (not app.PGADMIN_RUNTIME) and app.debug and
            os.environ.get("WERKZEUG_RUN_MAIN") is not None
        ),
        threaded=config.THREADED_MODE
    )

except IOError:
    #app.logger.error("Error starting the app server: %s", sys.exc_info())
    app.logger.error("Error starting the app server: %s", traceback.format_exc()) # <--- add this line!

Instead of this:

ERROR flask.app: Error starting the app server: (<class 'OSError'>, OSError(10013, 'An attempt was made to access a socket in a way forbidden by its access permissions', None, 10013, None),

You will get this:

2021-03-01 11:38:33,817: ERROR  flask.app:  Error starting the app server: (<class 'OSError'>, OSError(10013, 'An attempt was made to access a socket in a way forbidden by its access permissions', None, 10013, None), <traceback object at 0x00000279EF74A3C0>)
Traceback (most recent call last):
  File "C:/Program Files/pgAdmin 4/v4/web/pgAdmin4.py", line 210, in main
    app.run(
  File "C:/Program Files/pgAdmin 4/v4/venv/Lib/site-packages\flask\app.py", line 943, in run
    run_simple(host, port, self, **options)
  File "C:/Program Files/pgAdmin 4/v4/venv/Lib/site-packages\werkzeug\serving.py", line 1052, in run_simple
    inner()
  File "C:/Program Files/pgAdmin 4/v4/venv/Lib/site-packages\werkzeug\serving.py", line 996, in inner
    srv = make_server(
  File "C:/Program Files/pgAdmin 4/v4/venv/Lib/site-packages\werkzeug\serving.py", line 847, in make_server
    return ThreadedWSGIServer(
  File "C:/Program Files/pgAdmin 4/v4/venv/Lib/site-packages\werkzeug\serving.py", line 740, in __init__
    HTTPServer.__init__(self, server_address, handler)
  File "C:/Program Files/pgAdmin 4/v4/venv/Lib\socketserver.py", line 452, in __init__
    self.server_bind()
  File "C:/Program Files/pgAdmin 4/v4/venv/Lib\http\server.py", line 138, in server_bind
    socketserver.TCPServer.server_bind(self)
  File "C:/Program Files/pgAdmin 4/v4/venv/Lib\socketserver.py", line 466, in server_bind
    self.socket.bind(self.server_address)
OSError: [WinError 10013] An attempt was made to access a socket in a way forbidden by its access permissions

You can manually set the port by going to system tray > PgAdmin > Configure > Runtime tab > Fixed Port Number and Port. Ideally, this port should be set to be within the https://en.wikipedia.org/wiki/Ephemeral_port range to avoid a conflict. Check availability here. https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers — JustBeingHelpful, Mar 02 '21 at 15:56

score 0 · Answer 10 · answered Mar 02 '21 at 22:14

0

I was able to solve an identical error message on a local Analysis Services instance by turning off loopback address filtering in the firewall.

answered Mar 02 '21 at 22:14

SQLServerSteve

332
1
11
22

score 0 · Answer 11 · edited Nov 03 '21 at 10:09

0

Nothing worked for me. Grep couldn't find the culprit listener. Resetting TCP / IP or Firewall didn't do anything either. The following command solved it:

net stop http

edited Nov 03 '21 at 10:09

klutt

30,332
17
55
95

answered Nov 03 '21 at 09:06

user17317260

1

An attempt was made to access a socket in a way forbidden by its access permissions

11 Answers11

Linked