Put Varnish on ports 80 and 443

Newer versions of Varnish are already listening on port 80 by default, as you can see in the ExecStart setting below:

ExecStart=/usr/sbin/varnishd \
	  -a :80 \
	  -a localhost:8443,PROXY \
	  -f /etc/varnish/default.vcl \
	  -P %t/%N/varnishd.pid \
	  -p feature=+http2 \
	  -s malloc,256m

This ExecStart setting is part of the varnish.service unit file for systemd.

Make Varnish listen on port 443 too

As of Varnish 9, we support native TLS. This means you can also make Varnish listen on port 443 to handle HTTPS traffic.

Here’s what the ExecStart setting of your varnish.service file in systemd would look like with port 443 enabled:

ExecStart=/usr/sbin/varnishd \
	  -a :80,http \
	  -a :443,https \
	  -a localhost:8443,PROXY \
	  -f /etc/varnish/default.vcl \
	  -P %t/%N/varnishd.pid \
	  -p feature=+http2 \
	  -s malloc,256m

Have a look at our TLS tutorial to learn the different ways to make configure TLS in Varnish. When it comes to the systemd side of managing varnishd and its configuration options, our systemd configuration tutorial for Varnish also comes in handy.

Put Varnish on ports 80 and 443

Make Varnish listen on port 443 too#

Make Varnish listen on port 443 too