To get to the heart of your question, I’ve had most success with realizing that my Web Server and Web Socket Server can both be on port 80, but different hosts ( origins ). As long as the Web Socket Server can handle CORS requests from your Web Page origin, it seems this is a way that avoids firewall problems and leads towards the architecture of having static content froma Web Server and dynamic from a WebSocket server.

So the story is:

• serve page from web.server.com:80 (that’s the origin)

• in application space on that web page open a WebSocket to websocket.server.com:80/serviceName

  (makes a cross-origin request that needs be be allowed by websocket.server.com, which might whitelist web.server.com)

• happily serve dynamic content and static content separately.

Some more specific answers to some of your questions:

A WebSocket server that is not hosted in port 80, will be invisible from Internet Browsers?

No. Your application in the browser can open a WebSocket to other ports if that is desirable,
subject to CORS constraints. Oftentimes it is advantageous to keep the WebSockets on port 80, so that intermediaries and edge gateways don’t have to change firewall rules.

I cannot use port 80 (it’s being used by IIS) neither 443 nor 8080.
Does WebSockets hosted on custom ports will have firewall issues?

Most likely, unless you are in control of the firewall and can open up other ports.