How to Check and Identify Which Application is Listening or Opening Port 80 and 443 on Windows

After installing Apache HTTPD web server or Microsoft IIS Internet Information Services web server, or any other application software or service and daemon that requires to open and listen to port 80 (HTTP) or port 443 (HTTPS SSL), it’ll be a surprise if some other application or processes have stolen, used and occupied port 80 and/or 443. No web server has been running on the Windows system before, so what’s the process that uses port 80 or 443 on the system?

For example, after installing Apache web server using XAMPP, the following error message may appear:

(OS 10048) Only one usage of each socket address (protocol/network address/port) is normally permitted. : make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down

Here’s a few built-in commands and how to guide that can help users to find out and identify which application or process that is already using, opening and listening on port 80 or 443 on the Winodws operating system such as Windows Vista, Windows XP, Windows 7, Windows Server 2003 and 2008.

1. Open Command Prompt window by typing Cmd in Run command box or Start Search, and hit Enter.
2. Type in the following netstat command:

   netstat -o -n -a | findstr 0.0:80

   or

   netstat -o -n -a | findstr 0.0:443

   or simply,

   netstat -aon

   Note: The last command will list all connection that is listening, established, starting, closing and all other states, so the list is long, and user has to manually search for rows that has connection originating or targeting to 1270.0.1:80/443 or 0.0.0.0.80/443.

3. The following line(s) of results should be returned:

   TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 8704

   The last column of each row is the process identified (process ID or PID).

4. Identify which process or application is using the port by matching the PID against PID number in Task Manager.

Another alternative to determine and identify which application is using port 80 or 443 is by using Telnet application. Just type the following command to Telnet to the system in port 80 or 443:

telnet localhost 80

or,

telnet localhost 443

If the Telnet connection can be opened, normally the banner of the application which opens the port will be shown, and help user to identify which process that actually listening on the port.

Tip: The command above can be used to identify and check what processes is using any other ports too, such as 7 (Echo), 21 (FTP), 23 (Telnet), 25 (SMTP), 53 (DNS), 70 (Gopher), 79 (Finger), 107 (RTelnet), 110 (POP3), 119 (NNTP), 139 (NetBIOS), 143 (IMAP), 194 (IRC), 3128, 8080, 10000, and etc.