Last year I wrote about how to self-host a UniFi controller to manage some of your Ubiquiti gear without having to shell out for their UniFi Dream Machine and similar devices.
What I did not elaborate on was how to configure the controller’s web UI to use port 443 instead of port 8443.
The controller likely uses port 8443 because, on Linux, ports below 1024 can only be opened by root or by processes with special privileges to do so.
I’ve seen a couple of posts from sysadmins saying that they modified /var/lib/unifi/system.properties with little luck. I experienced the same. I found that if I changed unifi.https.port to 80 and 443 (respectively), the UniFi web server would not start.
Unfortunately, there don’t appear to be any native options to configure UniFi to use 443 (at least at the time of writing this); instead, you must use iptables, if you have it installed.
With iptables, you can update the PREROUTING chain to redirect packets from
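Execute the following commands to redirect packets from 443 to 8443.
sudo iptables -t nat -I PREROUTING -p tcp --dport 443 -j REDIRECT --to-ports 8443
sudo sh -c 'iptables-save > /etc/iptables/rules.v4'
The first command inserts a new rule into the PREROUTING chain of the nat table, and the second saves the configuration so that it persists through restarts. Run on its own, iptables-save only prints the ruleset to standard output, so its output is written to a file here; the path /etc/iptables/rules.v4 assumes a Debian or Ubuntu host with the iptables-persistent package installed, which reloads that file at boot.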
You can verify that the rule has been added by executing the following command.
sudo iptables -t nat -L -nv
You should see under Chain PREROUTING an additional rule to REDIRECT TCP traffic to port 8443.
Once this is completed, both TCP/443 and TCP/8443 will be open and can be used to access the UniFi controller.
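The verification step above can be scripted. This is an added example, not code from the original post: it counts matching redirect rules in `iptables -t nat -S PREROUTING` output and inserts the rule only when it is missing, because re-running the `-I` command stacks a duplicate each time. The function names and the sample ruleset are assumptions made for the example.

```shell
#!/bin/sh
# Added example: idempotent setup and check of the 443 -> 8443 redirect.
# Function names are hypothetical; the sample ruleset below is constructed.

# count_redirects FROM TO: read `iptables -t nat -S PREROUTING` output on
# stdin and print how many rules redirect tcp/FROM to local port TO.
count_redirects() {
  awk -v from="$1" -v to="$2" '
    $1 == "-A" && $2 == "PREROUTING" {
      proto = dport = target = toport = ""
      for (i = 3; i <= NF; i++) {
        if ($i == "-p") proto = $(i + 1)
        if ($i == "--dport") dport = $(i + 1)
        if ($i == "-j") target = $(i + 1)
        if ($i == "--to-ports") toport = $(i + 1)
      }
      if (proto == "tcp" && dport == from && target == "REDIRECT" && toport == to) n++
    }
    END { print n + 0 }'
}

# ensure_redirect: insert the rule only if `iptables -C` reports it missing,
# so repeated runs do not stack duplicate rules. Needs root.
ensure_redirect() {
  set -- PREROUTING -p tcp --dport 443 -j REDIRECT --to-ports 8443
  iptables -t nat -C "$@" 2>/dev/null || iptables -t nat -I "$@"
}

# Constructed sample: what -S prints after the insert command was run twice.
SAMPLE_DUPLICATED='-P PREROUTING ACCEPT
-A PREROUTING -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8443
-A PREROUTING -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8443'

# Run as root with the argument "apply" to change and check the live ruleset.
if [ "${1:-}" = "apply" ]; then
  ensure_redirect
  n=$(iptables -t nat -S PREROUTING | count_redirects 443 8443)
  echo "443 -> 8443 redirect rules present: $n"
  [ "$n" -eq 1 ] || echo "expected exactly one rule; delete extras with iptables -t nat -D" >&2
fi
```

The redirect is applied before the filter table's INPUT chain is evaluated, so any INPUT rules see these connections on port 8443 and must allow that port. PREROUTING also does not apply to connections that originate on the controller host itself.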
If you want to read my post on how to install and configure a new Ubiquiti UniFi Controller on your own hardware, that post can be found below.