App Volumes and Blocked Ports

When installing a fresh App Volumes Manager, you might receive the error that HTTP port is in-use. Verify services such as Microsoft’s IIS is not running, if it is, remove it. To check what application is using what port on a Windows system execute the following from a command-line:

Syntax: Netstat<space>-anob

Netstat –anob

This will list all ACTIVE connections; example:

Optional:

Syntax: Netstat<space>-anob<space>|<space>findstr<space>:<port>

Netstat –anob | findstr :80

Additional services you can check would be:

Service System Service Name Port(s)
SharePoint Server 80, 443
Windows Media Services WMServer 80
World Wide Web Publishing Service W32SVC 80, 443
SQL Reporting Service ReportServer 80
Sync Share Services SyncShareSvc 80
Web Deployment Agent Service MsDepSvc 80
Internet Information Server WAS, IISADMIN 80

 

HTTP (HTTP.SYS) Hidden Driver/Service

Windows Server 2003/2008/2012 and Windows XP(SP2)/Vista/7/8/10 comes with an HTTP front-end proxy service who’s job is to parse and forward incoming HTTP requests to other Services.

Values in URL “http://hostname:port/virtual_url_or_dir” are registered with it, and when an HTTP request comes in that matches on those values, that request gets routed to the other application or service (which itself is running on a different port).

HTTP.SYS is usually started “on demand” by other services (Windows Remote Management, Print Spooler, etc), and is not usually listening on port 80 until some other application registers a HOST (127.0.0.1) + PORT (80) + virtual URL/DIR with it. HTTP.SYS runs under PID 4 (NT Kernel).

On some Windows systems, oftentimes port 80 is already taken by HTTP.SYS for use.

Show Reserved URLs:

netsh http show urlacl

 

Show active Registered URLs:

netsh http show servicestate

 

To Disable HTTP.SYS:

  • Control Panel > Device Manager
  • In menu View, select: Show hidden devices
  • Open tree: Non-plug and Play Drivers
  • Double-click: HTTP
  • Tab Driver – Group Startup
  • Switch from: Demand to Disabled

Or run this from the administrative privileged command-line (right click cmd.exe, select – run as admin):

  • net stop http /y
  • sc config http start= disabled

Windows Work Folders

Under Windows Server 2012 R2 and Windows 8, Microsoft has introduced a new feature called “Work Folders”, that synchronizes files/folders between different machines.

By default, “Work Folders” uses ports 80 and 443!

There are 3 options to get around this, from simplest to more difficult…

A) Disable the Windows ‘Sync Share Service’, named “SyncShareSvc”.

B) Remove/ “Work Folders” Server Role / Windows Feature:

  • Launch Server Manager. Click “Add roles and features”.
  • Server Roles -> File and Storage Services -> File and iSCSI Services -> Work Folders

C) Or change the ports “Work Folders” use:

Edit file:
C:\Windows\System32\SyncShareSvc.config

Change ports from 80 to 11180 and 443 to 11443 (or something else)…

<sites>

<bindings>
<binding protocol=”http” bindingInformation=”*:80:” />

<binding protocol=”https” bindingInformation=”*:443:” sslFlags=”0″ />

 

Then from a permissions-elevated command-line (right click cmd.exe, Run as admin), run:

Netsh http add urlacl url=http://*:11180/ user=”NT Authority\LOCAL SERVICE”
Netsh http add urlacl url=https://*:11443/ user=”NT Authority\LOCAL SERVICE”

 

Then from a permissions-elevated command-line (right click cmd.exe, Run as admin), run:

You’ll also need to follow more instructions here:

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.