this post was submitted on 21 Aug 2025
335 points (99.4% liked)

Technology

74292 readers
4103 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws
335
China cut itself off from the global internet on Wednesday (www.theregister.com)
submitted 1 day ago by technocrit@lemmy.dbzer0.com to c/technology@lemmy.world
60 comments fedilink hide all child comments
 

Activist group Great Firewall Report spotted the outage, which it said disrupted all traffic to TCP port 443 – the standard port used for carrying HTTPS traffic.

“Between approximately 00:34 and 01:48 (Beijing Time, UTC+8) on August 20, 2025, the Great Firewall of China (GFW) exhibited anomalous behavior by unconditionally injecting forged TCP RST+ACK packets to disrupt all connections on TCP port 443,” the group wrote in a Wednesday post.

That disruption meant Chinese netizens couldn’t reach most websites hosted outside China, which is inconvenient. The incident also blocked other services that rely on port 443, which could be more problematic because many services need to communicate with servers or sources of information outside China for operational reasons. For example, Apple and Tesla use the port to connect to offshore servers that power some of their basic services.

you are viewing a single comment's thread
view the rest of the comments
[–] nul9o9@lemmy.dbzer0.com 10 points 1 day ago (9 children)

Anyone know why someone would use port 443 for anything other than https?

[–] JasonDJ@lemmy.zip 19 points 1 day ago

HTTPS may be the official designation for the port, but it is the de facto standard port for TLS. Whatever you want to send over TLS, doesn't really matter.

HTTPS is just HTTP served over TLS (originally SSL).

Step by step, if you were to analyze a web connection over port 443, you would see that the client first negotiates the TCP connection (via three-way handshake), then TLS, and it's not till after TLS is established that HTTPS is negotiated.

In that way, it's kinda wrong to say it's the HTTPS port. It's really, nowadays, the TLS port. HTTP is just one of many protocols that can ride on top of it, and when we do that, we call it HTTPS.

[–] Nougat@fedia.io 24 points 1 day ago (1 children)

There's lots of things that transport using HTTPS that aren't websites in browsers.

[–] mesamunefire@piefed.social 6 points 1 day ago (1 children)

Yeah technically anything can run on any ports, we just like to default certain things.

Ssh for example can work on port 2000 or whatever. Port knocking is fun too.

[–] Nougat@fedia.io 5 points 1 day ago (1 children)

Oh, it's not even that some other protocol is operating on 443. It's that the underlying transport is HTTPS, just for something that's not a website rendered in a browser by the client. Microsoft, for example, used RPC over HTTPS for Outlook connectivity to Exchange for a hot minute.

[–] mesamunefire@piefed.social 2 points 1 day ago

Ah gotcha. In this case yeah.

[–] Euphoma@lemmy.ml 11 points 1 day ago

websockets

[–] BaroqueInMind@piefed.social 9 points 1 day ago

VPNs, DNS over https (DoH), load balancers via DHCP, encrypted remote procedure calls, TCP pipes via gsocket.

I could go on.

[–] setsubyou@lemmy.world 3 points 22 hours ago

Sometimes mandatory web proxies still allow direct connections to port 443 so as to not break https, which in return means as long as your connection is to port 443, that proxy will pass it through without interfering.

I used to run sshd on port 443 for this reason back when I regularly had to work from client networks.

[–] Evotech@lemmy.world 4 points 1 day ago

To not get blocked by the great firewall

[–] Zykino@programming.dev 5 points 1 day ago

Pass thoses firewalls and other corporates proxy/VPN/… that block most ports. If what you build is at least partly used where user have internet access, you know this port is open. Even if 22, 8080 and all the others are closed.

[–] sugar_in_your_tea@sh.itjust.works 2 points 22 hours ago

Some ISPs block other ports, so if you want to host something, that might be your best option.

[–] ksigley@lemmy.world 2 points 1 day ago

Happy cake day!