Port 1880: Node-RED — The IoT wiring board the Internet never officially registered

What This Port Is

Port 1880 sits in the registered port range (1024–49151). These ports are supposed to be claimed through IANA, which maintains the official registry of which port belongs to which service. Port 1880 has no entry. IANA doesn't know it exists.

The Internet does.

The Unofficial Tenant: Node-RED

Node-RED is a flow-based visual programming tool — you drag nodes onto a canvas, wire them together, and suddenly your temperature sensor is posting to Slack and turning on a light. It was created in 2013 by Nick O'Leary and Dave Conway-Jones at IBM's Emerging Technology Services group, initially as a proof-of-concept for visualizing MQTT topic mappings. IBM open-sourced it and donated it to the OpenJS Foundation in 2016.

When Node-RED starts, it opens a web server on port 1880. You visit http://localhost:1880 and get a full visual editor in your browser. The port wasn't registered with IANA. Nobody filed a form. The team picked it, shipped it, and the number spread across millions of Raspberry Pis, industrial controllers, and cloud deployments.

Node-RED became the de facto wiring layer for IoT. The port came with it.

What Else Uses It

Because Node-RED became infrastructure, tools built on top of it also inherit port 1880:

STMicroelectronics STM32CubeMonitor — ST's real-time debugging and visualization tool for STM32 microcontrollers is built on Node-RED. When you launch it, you're launching Node-RED, and port 1880 opens with it. This is why users occasionally see "port 1880 already in use" errors when both tools try to run simultaneously.¹

Any sufficiently popular Node-RED derivative tends to default to 1880 as well, simply because that's what users expect.

Security Considerations

Node-RED's editor is powerful. By default, it has no authentication — anyone who can reach port 1880 can read your flows, modify them, and execute arbitrary commands on the host. This is fine on a laptop. It is not fine exposed to the Internet.

The Node-RED documentation is explicit about this: if you expose the editor externally, you must configure authentication and HTTPS.² Unprotected Node-RED instances on public IPs are a recurring security finding. Shodan regularly surfaces them.

How to Check What's Listening

# macOS/Linux — show what process holds port 1880
lsof -i :1880

# Linux alternative
ss -tlnp | grep 1880

# Windows
netstat -ano | findstr :1880
# then: tasklist | findstr <PID>

If you see node in the output, it's Node-RED. If you see nothing, the port is free.

Why Unassigned Ports Matter

The registered port range exists so applications don't collide. When a popular tool skips registration and just picks a number, it creates informal conventions that are invisible to the official record. Two applications independently choosing the same unregistered port will conflict — and neither is "wrong" by the official record, because neither is officially right.

Port 1880 has been Node-RED's for over a decade. At this point, any application choosing 1880 for something else would be the one causing problems.