Use port 80 or 443 for Jira server in Linux when running as a non-root user

Related content

  • No related content found

Still need help?

The Atlassian Community is here for you.

Ask the community

Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.

Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible


Atlassian applications allow the use of reverse-proxies within our products, however Atlassian Support does not provide assistance for configuring them. Consequently, Atlassian can not guarantee providing any support for them.

If assistance with configuration is required, please raise a question on Atlassian Community.

Problem

On Linux, non-root users are not able to bind to ports below 1024. For security reasons, it's not recommended to run Atlassian software as a root user. This guide will outline options to be used so that your server can be accessible on port 80 or 443.

Solution

Using iptables

iptables can be used to redirect connections from port 80 to 8080. The following commands can be used to redirect the traffic. 

The ethernet port used in the below example is eth0. You will need to replace eth0 with the name of your network interface.

iptables -A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 8080 -j ACCEPT
iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080

Depending on the network environment, it should also allow communication to the loopback interface that can be done according to the following command:

iptables -t nat -I OUTPUT -p tcp -o lo --dport 80 -j REDIRECT --to-port 8080



If JIRA has been configured for SSL on port 8443 for example, the following commands will redirect traffic from port 443 to 8443:

iptables -A INPUT -i eth0 -p tcp --dport 443 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 8443 -j ACCEPT
iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 8443

and the redirect command for the loopback interface

iptables -t nat -I OUTPUT -p tcp -o lo --dport 443 -j REDIRECT --to-port 8443

Then, save iptables, which varies depends on your linux distribution. For example:

# sudo apt install iptables-persistent
# sudo /etc/init.d/iptables-persistent save
# sudo /etc/init.d/iptables-persistent reload

Using a proxy

A proxy server running as root can bind to port 80 or 443 and proxy all the traffic for JIRA. Our documentation that helps describe this process can be found at Proxying Atlassian Server applications.


DescriptionOn Linux, non-root users are not able to bind to ports below 1024. For security reasons, it's not recommended to run Atlassian software as a root user. This guide will outline options to be used so that your server can be accessed on port 80 or 443.
ProductJira
PlatformServer
Last modified on Sep 15, 2022

Was this helpful?

Yes
No
Provide feedback about this article

Related content

  • No related content found
Powered by Confluence and Scroll Viewport.