4 ways to fix bind permission denied in Linux

On a Linux system, TCP ports in a reserved range (typically less than 1024) can only be bound by processes with root privilege. If we try to bind a port below 1024 from a process without that privilege, we will receive a “Permission denied” error:

Listen tcp :80: bind: permission denied

So we should do either:

  • Use a port number larger than 1024
  • Run the script as a privileged user

Reason for bind: permission denied in Linux

Ports below 1024 are called Privileged Ports and in Linux (and most UNIX flavors and UNIX-like systems), they are not allowed to be opened by any non-root user. This is a security feature originally implemented as a way to prevent a malicious user from setting up a malicious service on a well-known service port.

How to fix bind: permission denied in Linux

  1. If using Linux 2.6.24 or later, we can set a file capability on the executable file, which grants the elevated privilege needed to open privileged ports and no other superuser privileges:
    • $ sudo setcap cap_net_bind_service+ep /path/to/bin/file
  2. Set up a firewall rule on the server using iptables or an alternative, so that traffic to the lower port number is redirected internally to a higher port number:
    • $ sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3000
  3. Install and configure Apache or nginx as a reverse proxy server, which can be started as root to open the port
  4. Run our application with the sudo command, which gives it full root privileges rather than only the ability to open the port
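
Before choosing one of these fixes, it helps to confirm why a given process is refused. The script below is an added example, not part of the original article: it applies the rule described above to a port number and a process's effective capability mask (the `CapEff` line in `/proc/<pid>/status`). The function names are hypothetical, and the 1024 limit is the typical value the article mentions.

```shell
#!/bin/sh
# Added example (not from the original article): explain whether a process
# may bind a TCP port, from the port number and its effective capabilities.

PRIV_PORT_LIMIT=1024          # assumption: the typical reserved range (< 1024)
CAP_NET_BIND_SERVICE_BIT=10   # bit number of CAP_NET_BIND_SERVICE in linux/capability.h

# has_net_bind_service HEXMASK -> exit status 0 if the capability bit is set.
# HEXMASK is the CapEff value without a 0x prefix, e.g. 0000000000000400.
has_net_bind_service() {
    [ $(( (0x$1 >> $CAP_NET_BIND_SERVICE_BIT) & 1 )) -eq 1 ]
}

# capeff_of_pid PID -> prints the effective capability mask of a running process.
capeff_of_pid() {
    awk '/^CapEff:/ { print $2 }' "/proc/$1/status"
}

# bind_verdict PORT HEXMASK -> prints "allowed:<reason>" or "denied:<reason>".
# root normally carries every capability, so it also shows up as
# allowed:cap_net_bind_service unless the capability was dropped.
bind_verdict() {
    port=$1
    capeff=$2
    if [ "$port" -ge "$PRIV_PORT_LIMIT" ]; then
        echo "allowed:unprivileged-port"
    elif has_net_bind_service "$capeff"; then
        echo "allowed:cap_net_bind_service"
    else
        echo "denied:needs-root-or-cap_net_bind_service"
    fi
}

# Stand-alone use: sh <this script> PORT [PID]   (PID defaults to this shell)
if [ $# -gt 0 ]; then
    pid=${2:-$$}
    bind_verdict "$1" "$(capeff_of_pid "$pid")"
fi
```

After fix 1, a service started from the capability-enabled binary should report `allowed:cap_net_bind_service` for port 80 while still running as a non-root user.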