Wowza Community

RTMP ports best practice

Currently I’m serving RTMP over port 1935: in terms of maximising availability is this the best port to use?

Does serving RTMP on port 80 cause any problems with squid/HTTP caches expecting HTTP over 80?

Finally, I take it that I can serve both RTMP and RTMPT over 80 simultaneously if this is the best option?

Any thoughts on this would be really appreciated :slight_smile:

RTMP over port 80 is fine, just as good as the default port 1935 or any port as far as Wowza is concerned. Wowza must be able to bind to port 80. Change /conf/VHost.xml /HostPort /Port “1935” to “1935,80”. Then restart Wowza and check the access log startup lines to see that Wowza was able to bind to port 80. You can specify an IpAddress in the HostPort instead of “*” so Wowza binds to port 80 on a specific IP address.

Yes, you can use RTMP and RTMPT to different clients at the same time. It is best to try RTMP first, then rollover over to RTMPT:

https://www.wowza.com/docs/how-to-set-up-protocol-rollover-with-actionscript)

Also, it is best to always use a port explicitly, whether it is default for that protocol or not. Because Flash 10+ will do its own internal protocol rollover (which you have no control over and takes a long time) if you don’t.

Port 443 is another good option, possibly slightly better than port 80 in some cases.

Richard

What type of security are you looking for?

Charlie

I would suppose most attacks on port 80 are aimed at Apache or IIS. If Wowza is using port 80, those exploits shouldn’t be a threat.

Richard

How secure is WOWZA ? Is secure to bind Wowza on port 80 ?

I see scanning and trying some exploits on my webservers in daily logs … Does wowza survive this attacks on port 80 ?

I have lot of feedbacks from clients , that they have closed port 1935 (closed everything other than 80,53,110,25) … Bind on port 80 will be great for all firewalled users …

as I was writed before … Does Wowza survive attacks on appache ? isee lot of attacks on port 80 daily …

Great … Im switching into port 80 … :slight_smile: