Fix "Permission denied" Binding to Port 80 or 443 on Linux
Bind to privileged ports without running your app as root, using capabilities or sysctl.
Problem
listen tcp :80: bind: permission deniedRoot cause
Linux restricts ports below 1024 to processes with `CAP_NET_BIND_SERVICE`. Running as a non-root user normally means you can't bind 80 or 443.
Solution
Option A — grant the capability to the binary
sudo setcap 'cap_net_bind_service=+ep' /opt/myapp/bin/serverOption B — lower the unprivileged port floor
echo 'net.ipv4.ip_unprivileged_port_start=80' | sudo tee /etc/sysctl.d/99-low-ports.conf && sudo sysctl --systemOption C — front it with Nginx
Let Nginx own 80/443 and reverse-proxy to your app on a high port. Usually the cleanest answer.
Frequently asked questions
Related fixes
Linux
5 minFix "Too many open files" on Linux
Raise the open file descriptor limit the right way — per process, per user, and system-wide.
#ulimit#systemd#nofile
Linux
5 minDebug a Failed systemd Service
From `Active: failed` to a clean restart — how to read systemd logs and fix unit files.
#systemd#journalctl
Weekly digest
One DevOps fix in your inbox each week
Short, practical, no fluff. Real errors, real fixes — straight from production postmortems.