How to Find All Clients Connected to HTTP or HTTPS Ports

In this short quick article, you will learn how to find all clients (using their IP addressees) connected to an Apache or Nginx web server on HTTP or HTTPS ports on a Linux server.

In Linux, every service running on the server listening to the socket for a client to make a connection request. Upon a successful connection from a client, a socket (a combination of an IP address and a port (a number which identifies an application/service the client is connected to)) is created.

Recommended Read: How to Watch TCP and UDP Ports in Real-time

To get the detailed information of these sockets, we will use a ss command-line tool, which is used to display network socket related information on a Linux machine. You can also use the older netstat command, which displays active socket connections.

For example, you can use these tools to get the socket statistics information of all clients connected to a specific port or service.

# ss
OR
# netstat
List All Network Connections
List All Network Connections

To get the list of all clients connected to HTTP (Port 80) or HTTPS (Port 443), you can use the ss command or netstat command, which will list all the connections (regardless of the state they are in) including UNIX sockets statistics.

# ss -o state established '( sport = :http or sport = :https )'
OR
# netstat -o state established '( sport = :http or sport = :https )'
List Clients Connected to HTTP and HTTPS Ports
List Clients Connected to HTTP and HTTPS Ports

Alternatively, you can run the following command to list the numerical port numbers.

# ss -tn src :80 or src :443
OR
# netstat -tn src :80 or src :443
List HTTP and HTTPS Ports Client Connections
List HTTP and HTTPS Ports Client Connections

You might also find the following articles useful:

  1. 4 Ways to Find Out What Ports Are Listening in Linux
  2. How to Check Remote Ports are Reachable Using ‘nc’ Command

That’s all we have in this short article. For more information about the ss utility, read its man page (man ss). You can reach us for any questions, via the comment form below.

Hey TecMint readers,

Exciting news! Every month, our top blog commenters will have the chance to win fantastic rewards, like free Linux eBooks such as RHCE, RHCSA, LFCS, Learn Linux, and Awk, each worth $20!

Learn more about the contest and stand a chance to win by sharing your thoughts below!

Ravi Saive
I am an experienced GNU/Linux expert and a full-stack software developer with over a decade in the field of Linux and Open Source technologies

Each tutorial at TecMint is created by a team of experienced Linux system administrators so that it meets our high-quality standards.

Join the TecMint Weekly Newsletter (More Than 156,129 Linux Enthusiasts Have Subscribed)
Was this article helpful? Please add a comment or buy me a coffee to show your appreciation.

4 Comments

Leave a Reply
  1. Hello great the day,

    Every time I have used your “tecmint.com” site, always I got very easy and simple solutions from you, Thanks for your support…

    Now I have been faced some issues with my server. I got more unwanted HTTP requests in my Nginx server when the time my server taking overload… at time domain was not working.
    So I have stopped/restart my server then the domain is working properly so every time I have followed the same process.

    Kindly suggest to me a feasible solution, to prevent this kind of situation.

    Thanks

    Reply
    • @Selvamohan,

      You need to check the Nginx server logs to find out what IP address is requesting multiple numbers of requests and then block that IP.

      Reply
      • @Ravi Saive

        Thanks for your feedback, is there any other alternate/possible solution for it. Please suggest me.

        May I know that How to configure for mail alert when the server received more/bulk requests?

        Reply
  2. Hello,

    Is it possible to check a specific IP address if it’s connected or not?

    For example, in the above example, it says you can check the connections toward a specific port. In this scenario, instead of port, we check the IP.

    Reply

Got Something to Say? Join the Discussion...

Thank you for taking the time to share your thoughts with us. We appreciate your decision to leave a comment and value your contribution to the discussion. It's important to note that we moderate all comments in accordance with our comment policy to ensure a respectful and constructive conversation.

Rest assured that your email address will remain private and will not be published or shared with anyone. We prioritize the privacy and security of our users.