IANA left port 2083 blank. The registered port range (1024--49151) has thousands of gaps like this -- numbers that exist on no official list, assigned to no service. Organizations can request registration, or they can just start using a port and hope it doesn't conflict with anything.
Port 2083 attracted two entirely different communities, both of which made it their own.
What Range This Port Belongs To
Port 2083 sits in the registered port range (1024--49151). These ports require no special OS privileges to open, unlike the well-known ports below 1024. IANA maintains a registry of assigned ports in this range, but assignment requires submitting a request -- and not every service bothers.
The registered range is large enough that gaps persist. Port 2083 is one of them: officially unassigned, practically occupied.
The Two Unofficial Occupants
cPanel over HTTPS
If you've ever managed shared web hosting, you've seen the URL: https://yourserver.com:2083. That's cPanel, the web hosting control panel that runs on an enormous fraction of the world's shared hosting servers. Port 2083 is where cPanel listens for secure (HTTPS) connections from hosting customers who want to manage their files, email accounts, and databases.1
cPanel chose this port years ago, deployed it across millions of servers, and it became fact through sheer ubiquity. No RFC sanctioned it. No IANA record exists for it. It's just where cPanel lives, and the hosting industry built around that.
One practical consequence: some ISPs and corporate firewalls block port 2083 because it's not standard HTTPS (port 443). Users behind those networks can't reach their cPanel without a workaround.2
RadSec (RADIUS/TLS)
RADIUS, the authentication protocol that verifies who you are on enterprise Wi-Fi and VPN systems, was designed in the early 1990s. It sends most of its data in cleartext and protects passwords with MD5 -- a hash algorithm that's been broken for years. For a protocol handling authentication credentials, this is a problem.
RadSec fixes it by wrapping RADIUS inside TLS. A vendor called Open Systems Consultants implemented this first for their Radiator product, picked port 2083, and the implementation spread through enterprise network equipment. When the IETF's RADIUS Extensions working group finally standardized RADIUS/TLS in 2012 as RFC 6614, they looked at what was already deployed and ratified port 2083 -- because it was already everywhere.3
So port 2083 is listed in RFC 6614 as the default port for RADIUS/TLS, even though IANA's registry still doesn't formally record it. The standard cites the informal prior use explicitly.
How to Check What's Listening
If you see traffic on port 2083 and want to know what's using it:
On Linux/macOS:
On Windows:
Remotely (to check if a port is open):
If you see a web server process (Apache, Nginx, LiteSpeed), it's likely cPanel. If you see a RADIUS daemon, it's RadSec.
Why This Matters
The gap between how port assignment is supposed to work and how it actually works is enormous. The registered range has over 48,000 possible ports. IANA has assigned a fraction of them. The rest exist in a gray zone where informal adoption, vendor decisions, and sheer inertia determine who gets what.
Port 2083 ended up with two occupants because neither checked, or checked and didn't care, or checked and found the port empty and assumed that meant safe. In practice, both uses have coexisted because cPanel and RadSec deployments rarely share infrastructure -- web hosting servers aren't usually enterprise RADIUS servers.
It works. It's messy. That's the Internet.
Hasznos volt ez az oldal?