EC2: How to add port 8080 in security group?

Question

I want to add port 8080 to EC2 security group to access tomcat. But whenever I select HTTP from drop down I get 80 port as default and also can't change it.

So how can I add 8080 so that I can access Tomcat publicly?

score 191 · Accepted Answer · answered Oct 13 '14 at 11:36

191

You have to choose "Custom TCP rule" in the dropdown.

Then you will be able to change the port to 8080.

enter image description here

answered Oct 13 '14 at 11:36

Céline Aussourd

10,214
4
32
36

29

You don’t need HTTP. HTTP is the application layer, TCP is the transport layer for HTTP. The security group acts at the transport layer. – Céline Aussourd Oct 13 '14 at 12:24
2

so u r saying that after doing that, only HTTP will use port 8080 no other protocol? – Manish Kumar Oct 13 '14 at 13:20
1

After that, the port 8080 is going to be accessible from everywhere. So, if your web server is running on port 8080, then you will be able to access your page at http://:8080 Your web server won’t start on port 8080 if you already have a program using port 8080. – Céline Aussourd Oct 13 '14 at 13:27
1

how about redirecting `# iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080` – Manish Kumar Oct 13 '14 at 13:34
2

why do you want to do this? Your web server (tomcat) isn't listening on port 8080? – Céline Aussourd Oct 13 '14 at 13:40
1

ur solution works fine. just wanted to know which one is better and safe? – Manish Kumar Oct 13 '14 at 13:52
1

Personally I prefer to use AWS security group. I think it's better to have your firewall set up at that level if possible than at your OS level. – Céline Aussourd Oct 13 '14 at 13:57
1

This worked! Exactly what I was missing in order to access tomcat. – Anmol Gupta Jul 08 '15 at 21:23

score 9 · Answer 2 · answered Sep 16 '16 at 04:28

9

You have to able the port in two different sections: (1) Windows firewall, as it was explained before. (2) Directly in Amazon Web Service console, exactly in security groups/inbound.

answered Sep 16 '16 at 04:28

John Velandia

129
1
4

score 3 · Answer 3 · answered Dec 11 '20 at 09:37

after adding the rule in security group, you should also turn on the Linux os port in order to access your webservice command for doing that

sudo ufw allow 8080/tcp

Some Extra Information: Actually this is not a good why to deploy the service. we should rather use a reverse proxy server to handle all kind of requests (like nginx), and those request should be routed to specific web service in this why whole traffic will be routed to 80 port(HTTP) or 443 (HTTPS) if you want to configure SSL. Thus a lot of things become easier by using it. Follow this to know how to use Nginx.

EC2: How to add port 8080 in security group?

3 Answers3

Linked