It seems like a very simple job, and in fact it is. But I had an issue when I tried to change this in my Cent OS 6.3 setup.

After some digging on the internet I found out selinux was the blocking factor.

The configuration of the new port has to be done in the lighttpd conf file.

/etc/lighttpd/lighttpd.conf

server.port = 2080

When I changed the config file and restarted the /etc/init.d/lighttpd service I got following error:

(network.c.379) can't bind to port:  2080 Permission denied

I checked that I added the port to iptables, tried other ports, nothing worked. Until I found out it was related to the default selinux configuration.

On many forums was indicated that the problem is solved by disabling the selinux service. Nevertheless I wanted to do it the right way and after some try and error found out that by installing the package policycoreutils-python you can look up the status of the selinux feature

# sestatus
SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: enforcing
Mode from config file: enforcing
Policy version: 24
Policy from config file: targeted

# yum provides /usr/sbin/semanage
Loaded plugins: fastestmirror, presto, priorities
Loading mirror speeds from cached hostfile
* base: centos.weepeetelecom.be
* epel: be.mirror.eurid.eu
* extras: centos.weepeetelecom.be
* remi: remi-mirror.dedipower.com
* updates: centos.weepeetelecom.be
187 packages excluded due to repository priority protections
policycoreutils-python-2.0.83-19.24.el6.x86\_64 : SELinux policy core python utilities
Repo : base
Matched from:
Filename : /usr/sbin/semanage

# yum install policycoreutils-python

Once this is done we can use the semanage command to add our new port to the selinux security feature. First we can list all already configured ports for the http service:

semanage port -l \| grep http\_port\_t

If the desired port isn't listed we can add this with following command:

semanage port -a -t http\_port\_t -p tcp 2080

You don't need to restart the selinux feature, the setting will take effect immediately after you added the last command. Once that is done you can restart the lighttpd service without the permission denied issue!

If you also want to have tcp port 9000 be able to work for php you also have to add this one to selinux:

semanage port -a -t http\_port\_t -p tcp 9000

Sources: