python - socket.error: [Errno 10013] An attempt was made to access a socket in a way forbidden by its access permissions

45
votes

I'm trying to create a custom TCP stack using Python 2.6.5 on Windows 7 to serve valid http page requests on port 80 locally. But, I've run into a snag with what seems like Windows 7 tightened up security. This code worked on Vista.

Here's my sample code:

import SocketServer
import struct

class MyTCPHandler(SocketServer.BaseRequestHandler):
    def handle(self):
        headerText = """HTTP/1.0 200 OK
                        Date: Fri, 31 Dec 1999 23:59:59 GMT
                        Content-Type: text/html
                        Content-Length: 1354"""
        bodyText = "<html><body>some page</body></html>"
        self.request.send(headerText + "\n" + bodyText)

if __name__ == "__main__":
    HOST, PORT = "localhost", 80
    server = SocketServer.TCPServer((HOST, PORT), MyTCPHandler)
    server.serve_forever()

C:\python>python TestServer.py Traceback (most recent call last):
File "TestServer.py", line 19, in server = SocketServer.TCPServer((HOST, PORT), MyTCPHandler) File "C:\Python26\lib\SocketServer.py", line 400, in init self.server_bind() File "C:\Python26\lib\SocketServer.py", line 411, in server_bind self.socket.bind(self.server_address) File "", line 1, in bind

socket.error: [Errno 10013] An attempt was made to access a socket in a way forbidden by its access permissions

How exactly do I get this to work on Windows 7?

[Edit on 5/5/2010 @ 2344 PDT] This answer explains that the error is caused by the need for elevated / superuser privileges when accessing ports lower than 1024. I'm going to try using a higher port number to see if that works. However, I still would like to know why my local admin account can't access port 80.

15
pythonsocketswindows-7compatibilitysocketserver
Your local admin account may not be able to bind to port 80 because there is already another process (server) bound to it. telnet 127.0.0.1 80 will quickly show you if port 80 is already bound.msw
@msw That should give a different error.Daniel Stutzbach
@msw/everybody note that a telnet client isn't installed on Win7 by default.pythonlarry

15 Answers

22
votes

On Windows Vista/7, with UAC, administrator accounts run programs in unprivileged mode by default.

Programs must prompt for administrator access before they run as administrator, with the ever-so-familiar UAC dialog. Since Python scripts aren't directly executable, there's no "Run as Administrator" context menu option.

It's possible to use ctypes.windll.shell32.IsUserAnAdmin() to detect whether the script has admin access, and ShellExecuteEx with the 'runas' verb on python.exe, with sys.argv[0] as a parameter to prompt the UAC dialog if needed.

42
votes

I just encountered the same issue, my system is Win7. just use the command on terminal like: netstat -na|findstr port, you will see the port has been used. So if you want to start the server without this message, you can change other port that not been used.

16
votes

For me it was complaining like that on Windows 7 x64 when I had another process already listening on that same port.

It is possible to see currently occupied (bound) ports by running

netstat -ban
15
votes

Try to run the server at a different port. Worked for me:

python manage.py runserver 127.0.0.1:7000

Explanation:

as mentioned on Django documentation:

If you run this script as a user with normal privileges (recommended), you might not have access to start a port on a low port number. Low port numbers are reserved for the superuser (root).

This server uses the WSGI application object specified by the WSGI_APPLICATION setting.

DO NOT USE THIS SERVER IN A PRODUCTION SETTING. It has not gone through security audits or performance tests. (And that’s how it’s gonna stay. We’re in the business of making Web frameworks, not Web servers, so improving this server to be able to handle a production environment is outside the scope of Django.)

12
votes

McAfee was blocking it for me. I had to allow the program in the access protection rules

  1. Open VirusScan
  2. Right click on Access Protection and choose Properties
  3. Click on "Anti-virus Standard Protection"
  4. Select rule "Prevent mass mailing worms from sending mail" and click edit
  5. Add the application to the Processes to exclude list and click OK

See http://www.symantec.com/connect/articles/we-are-unable-send-your-email-caused-mcafee

8
votes

socket.error: [Errno 10013] An attempt was made to access a socket in a way forbidden by its access permissions

Got this with flask :

Means that the port you're trying to bind to, is already in used by another service or process : got a hint on this in my code developed on Eclipse / windows :

if __name__ == "__main__":
     # Check the System Type before to decide to bind
     # If the system is a Linux machine -:) 
     if platform.system() == "Linux":
        app.run(host='0.0.0.0',port=5000, debug=True)
     # If the system is a windows /!\ Change  /!\ the   /!\ Port
     elif platform.system() == "Windows":
        app.run(host='0.0.0.0',port=50000, debug=True)
4
votes

Just run on ports above 1024 , anything below is privileged, its the same deal with Linux, i use 5000 for example on wins without any UAC priv escalation.

4
votes

Your local port is using by another app. I faced the same problem! You can try the following step:

  1. Go to command line and run it as administrator!

  2. Type:

    netstat -ano | find ":5000"
=> TCP    0.0.0.0:5000           0.0.0.0:0              LISTENING       4032
   TCP    [::]:5000              [::]:0                 LISTENING       4032

  3. Type:

    TASKKILL /F /PID 4032

=> SUCCESS: The process with PID 4032 has been terminated.

Note: My 5000 local port was listing by PID 4032. You should give yours!

2
votes

I had to allow ..\python27\python.exe in windows firewall. I don't need to do this on WinXP or Win8.

2
votes

It Seems the Port 80 is already in use. Try to Use some other Port which is not in use by any other application in your System.

1
votes

The main problem is port number used by another application.So you can change the port number to unused one as shown below.

In windows you can view the used port numbers used by different apps in windows task manager.

python manage.py runserver 127.0.0.1:portnumber
Ex: python manage.py runserver 127.0.0.1:8080
1
votes

I solved this on Windows 10 by editing an outbound firewall rule. Right click "allow" on rule "Block network access for R local user accounts in SQL Server instance MSSQLSERVER"

from Windows 10 Firewall - Outbound rules- this is what was blocking my instance

Screenshot from Windows 10 Firewall - Outbound rules- this is what was blocking my instance

0
votes

Disable Access Protection in Antivirus,

I faced same issue at last found the below logs from antivirus.

Blocked by Access Protection rule NT AUTHORITY\SYSTEM C:\WINDOWS\SYSTEM32\SVCHOST.EXE C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MCCONSOL.EXE Common Standard Protection:Prevent termination of McAfee processes Action blocked : Terminate Blocked by port blocking rule C:\USERS\username\APPDATA\LOCAL\PROGRAMS\PYTHON\PYTHON37-32\PYTHON.EXE Anti-virus Standard Protection:Prevent mass mailing worms from sending mail

0
votes

I just found in my case Kaspersky Internet Security 2019 Firewall was blocking net access for python. Disabling firewall working smoothly. Or adding a exception rules for python app and all file extension with *.py will also work.

-3
votes

I found a solution to solve this problem in Python.

go to c:\python27\ directory and rigtlcick python.exe and tab to compaitbility and select the admin privilege option and apply the changes. Now you issue the command it allows to create the socket connection.