Running multiple web services on the same host or avoiding a port conflict often requires moving Apache off the default 80 (HTTP) and 443 (HTTPS) ports.
The port binding is controlled by the Listen directive, which tells Apache HTTP Server which TCP port (and optionally which IP address) to bind. On Debian and Ubuntu systems, Listen is commonly managed in /etc/apache2/ports.conf, while site definitions in /etc/apache2/sites-available use <VirtualHost *:PORT> blocks that must match the chosen listener.
A port change affects routing end-to-end: the VirtualHost port must match the Listen port, the host firewall (and any upstream security group / load balancer) must allow the new port, and clients must include the port in the URL (for example, http://host:8080/). Validate the configuration before restarting to avoid an outage window caused by a syntax error.
Steps to change the listen port for Apache:
- Open a terminal on the Apache host.
- Locate the active Listen directive in the loaded configuration.
$ sudo grep --recursive --line-number --extended-regexp '^[[:space:]]*Listen[[:space:]]+' /etc/apache2/ /etc/apache2/ports.conf:5:Listen 80 /etc/apache2/ports.conf:8:Listen 443
Related: Location for Apache configuration
On RHEL-family systems, the Listen directive is typically under /etc/httpd and the service name is usually httpd. - Pick a new TCP port that is not already in use.
$ sudo ss -ltn sport = :8080 State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
No listening entries below the header indicates port 8080 is currently free.
- Open /etc/apache2/ports.conf in an editor.
$ sudoedit /etc/apache2/ports.conf
- Change the Listen directive to the new port value.
Listen 8080
Keep Listen 443 unchanged unless the HTTPS port is also being moved.
- Identify enabled VirtualHost blocks that still reference the old port.
$ sudo grep --recursive --line-number '<VirtualHost' /etc/apache2/sites-enabled/ /etc/apache2/sites-enabled/000-default.conf:1:<VirtualHost *:80>
- Edit each matching site file and update the <VirtualHost *:PORT> to the new port.
$ sudoedit /etc/apache2/sites-available/000-default.conf
<VirtualHost *:8080> ##### snipped ##### </VirtualHost>
If HTTPS is also moved, update the SSL site (commonly /etc/apache2/sites-available/default-ssl.conf) and the Listen entry for the new TLS port.
- Validate the Apache configuration syntax.
$ sudo apache2ctl configtest Syntax OK
- Restart the apache2 service to apply the new listener.
$ sudo systemctl restart apache2
Existing connections to the old port stop working after the listener change.
- Confirm the apache2 service is running.
$ sudo systemctl status apache2 --no-pager ● apache2.service - The Apache HTTP Server Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled) Active: active (running) since Sat 2025-12-13 12:34:56 UTC; 3s ago ##### snipped ##### - Allow inbound TCP traffic to the new port in the host firewall.
$ sudo ufw allow 8080/tcp Rule added Rule added (v6)
Also update any cloud security group, load balancer listener, or upstream firewall that filters inbound traffic.
- Verify that Apache is listening on the new port.
$ sudo ss -ltnp | grep ':8080' LISTEN 0 511 0.0.0.0:8080 0.0.0.0:* users:(("apache2",pid=1234,fd=4))On SELinux enforcing hosts, allow the port with semanage (for example, semanage port -a -t http_port_t -p tcp 8080).
- Confirm a successful HTTP response on the new port.
$ curl -I http://127.0.0.1:8080/ HTTP/1.1 200 OK Date: Sat, 13 Dec 2025 12:35:12 GMT Server: Apache/2.4.55 (Ubuntu) Last-Modified: Thu, 31 Aug 2023 09:37:27 GMT ETag: "29af-60434cacb2109" Accept-Ranges: bytes Content-Length: 10671 Vary: Accept-Encoding Content-Type: text/html
External access requires an explicit port in the URL, such as http://server.example.com:8080/.
Mohd Shakir Zakaria is a cloud architect with deep roots in software development and open-source advocacy. Certified in AWS, Red Hat, VMware, ITIL, and Linux, he specializes in designing and managing robust cloud and on-premises infrastructures.
Comment anonymously. Login not required.