Restrict IIS to listen only on X IP Address. Allowing you to co-run with TomCat/Apache on port 80 with IIS on port 80


Long title I know. So your running IIS on your server and serving up websites on port 80.  You also have some third party program that’s running on Tomcat. Maybe like Atlassian products like Jira or Confluence. However they have to run on ports like 8088 or 8443 for SSL because TomCat can bind the port numbers but cannot use port 80 because IIS hogs that up on all your IP addresses.

Assuming your server has more then one IP you can limit IIS to only bind on a single IP and then in TomCat’s config you can limit it’s binding IP to the other. (Technically you’re not limiting IIS you’re limiting the http web protocol that IIS uses).


Open a command prompt as an administrator

Show which IP Address IIS is listening/binding too with this command.

netsh http show iplisten

Then limit IIS to listen/bind certain IP address with this command

netsh http add iplisten

Reboot the server (You could try restarting http service but that doesn’t always show up in services and it’s a pain. Easier to reboot).

Run the listen command again and you should that the restricted IP is no longer in the list. You’re now free to use that IP for TomCat or some other service and bind to port 80 and 443.

Structuring Your Application Project

Getting Passive FTP to work with Windows Advanced Firewall and Gene6FTP G6FTP Server