
17 Feb 2011, 8:57 a.m.
The reason to run a webserver on a high port like 8080 is that running on a port higher than 1000 does not require root privileges, so when the application is compromised the intruder will only get the privileges of the user running that server. Having said that, most servers are able to drop root privileges after they have established the connection to the port (e.g. 80), so again an intruder will only get the privileges of an unprivileged user. If the server is not able to drop privileges, it is a VERY good idea to run it on a high port and proxy it through a server which is able to do this.
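The bind-then-drop sequence the post above refers to, as an added example that is not part of the original post: the process binds its listening socket while still root, then permanently switches to an unprivileged account and checks that root cannot be regained. The function names and the uid/gid 65534 (the "nobody" account on many Linux systems) are assumptions made for the example.

```python
import os
import socket

UNPRIV_UID = 65534  # assumption: "nobody" on many Linux systems
UNPRIV_GID = 65534  # assumption: matching unprivileged group


def bind_listener(host: str, port: int) -> socket.socket:
    """Bind and listen while still privileged; the socket survives the drop."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    sock.bind((host, port))
    sock.listen(16)
    return sock


def drop_privileges(uid: int, gid: int) -> bool:
    """Permanently switch from root to uid/gid. Returns False if not root."""
    if os.geteuid() != 0:
        return False  # already unprivileged, nothing to drop
    if uid == 0 or gid == 0:
        raise ValueError("target uid/gid must not be root")
    os.setgroups([])  # clear supplementary groups first (requires root)
    os.setgid(gid)    # group before user: setgid fails once the uid is dropped
    os.setuid(uid)    # as root this sets the real, effective and saved uid
    try:
        os.setuid(0)  # must fail, otherwise the drop is reversible
    except PermissionError:
        pass
    else:
        raise RuntimeError("root could be regained after the drop")
    if 0 in (os.getuid(), os.geteuid(), os.getgid(), os.getegid()):
        raise RuntimeError("process still holds a root uid or gid")
    os.umask(0o077)   # files created from now on are private to the service user
    return True


def start(host: str, port: int, uid: int = UNPRIV_UID, gid: int = UNPRIV_GID):
    """Bind first, drop second; never serve requests if the drop fails."""
    sock = bind_listener(host, port)
    try:
        dropped = drop_privileges(uid, gid)
    except Exception:
        sock.close()
        raise
    return sock, dropped


if __name__ == "__main__":
    listener, dropped = start("0.0.0.0", 80)  # start as root to bind port 80
    print("listening on", listener.getsockname(), "dropped root:", dropped)
```

Request handling should begin only after `start()` returns, so that no client input is ever parsed while the process is still root.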