diff --git a/README.md b/README.md
index b71709d..c1a1368 100644
--- a/README.md
+++ b/README.md
@@ -162,6 +162,7 @@ Application Options:
   --url-path=                                           Callback URL Path (default: /_oauth) [$URL_PATH]
   --secret=                                             Secret used for signing (required) [$SECRET]
   --whitelist=                                          Only allow given email addresses, can be set multiple times [$WHITELIST]
+  --port=                                               Port to listen on (default: 4181) [$PORT]
   --rule.<name>.<param>=                                Rule definitions, param can be: "action", "rule" or "provider"
 
 Google Provider:
diff --git a/cmd/main.go b/cmd/main.go
index 8e1f083..d8d8028 100644
--- a/cmd/main.go
+++ b/cmd/main.go
@@ -1,6 +1,7 @@
 package main
 
 import (
+	"fmt"
 	"net/http"
 
 	internal "github.com/thomseddon/traefik-forward-auth/internal"
@@ -25,6 +26,6 @@ func main() {
 
 	// Start
 	log.WithField("config", config).Debug("Starting with config")
-	log.Info("Listening on :4181")
-	log.Info(http.ListenAndServe(":4181", nil))
+	log.Infof("Listening on :%d", config.Port)
+	log.Info(http.ListenAndServe(fmt.Sprintf(":%d", config.Port), nil))
 }
diff --git a/internal/config.go b/internal/config.go
index 4054612..840fb6d 100644
--- a/internal/config.go
+++ b/internal/config.go
@@ -39,6 +39,7 @@ type Config struct {
 	Path                   string               `long:"url-path" env:"URL_PATH" default:"/_oauth" description:"Callback URL Path"`
 	SecretString           string               `long:"secret" env:"SECRET" description:"Secret used for signing (required)" json:"-"`
 	Whitelist              CommaSeparatedList   `long:"whitelist" env:"WHITELIST" env-delim:"," description:"Only allow given email addresses, can be set multiple times"`
+	Port                   int                  `long:"port" env:"PORT" default:"4181" description:"Port to listen on"`
 
 	Providers provider.Providers `group:"providers" namespace:"providers" env-namespace:"PROVIDERS"`
 	Rules     map[string]*Rule   `long:"rule.<name>.<param>" description:"Rule definitions, param can be: \"action\", \"rule\" or \"provider\""`
diff --git a/internal/config_test.go b/internal/config_test.go
index 4740ddf..27b8fdc 100644
--- a/internal/config_test.go
+++ b/internal/config_test.go
@@ -37,6 +37,7 @@ func TestConfigDefaults(t *testing.T) {
 	assert.False(c.MatchWhitelistOrDomain)
 	assert.Equal("/_oauth", c.Path)
 	assert.Len(c.Whitelist, 0)
+	assert.Equal(c.Port, 4181)
 
 	assert.Equal("select_account", c.Providers.Google.Prompt)
 }
@@ -51,6 +52,7 @@ func TestConfigParseArgs(t *testing.T) {
 		"--rule.1.rule=PathPrefix(`/one`)",
 		"--rule.two.action=auth",
 		"--rule.two.rule=\"Host(`two.com`) && Path(`/two`)\"",
+		"--port=8000",
 	})
 	require.Nil(t, err)
 
@@ -58,6 +60,7 @@ func TestConfigParseArgs(t *testing.T) {
 	assert.Equal("cookiename", c.CookieName)
 	assert.Equal("csrfcookiename", c.CSRFCookieName)
 	assert.Equal("oidc", c.DefaultProvider)
+	assert.Equal(8000, c.Port)
 
 	// Check rules
 	assert.Equal(map[string]*Rule{