I have what I think is a security setting problem. I have an instance of tomcat running on my Win7 pc listening on 8080 and I can connect fine to it from another pc.
I then have a GWT app running listening on port 8888 but I can't connect to it. Is there a setting on Win7 that I must white list what ports I want to allow remote connections to come in on. I turned my firewall off momentarily but this made no difference.
When Dev Mode starts, by default it does not allow access to your server from a remote IP. To active this, you must specify which address the server should bind to. From https://developers.google.com/web-toolkit/doc/latest/DevGuideCompilingAndDebugging#What_options_can_be_passed_to_development_mode this is usually done by adding the following to your arguments, sometime before the modules
-bindAddress 0.0.0.0
This will bind the server to all IP addresses available to the JVM.
Related
I am running Xdebug extension on PHP webserver (IIS), and VSCode on different development machine.
When I start listening for Xdebug session in VSCode (with Felix Becker's PHP Debug) without proxy, everything works as expected.
Now I am trying to use dbgpProxy because there are multiple devs on the development machine.
I have tried to run dbgpProxy on the webserver and register to it by activating proxy settings in VSCode, but it fails with Connection refused. At the same time, Xdebug connects to the proxy just fine and proxy tries to forward incoming session based on IDE key but of course cannot find it because the registration failed.
So I tried running dbgpProxy on the development machine. This time VSCode registered successfully with the proxy, but when Xdebug tried to connect to the listening proxy, it failed.
I was pretty sure I knew what I was doing, ports were open, everything SHOULD work but it didn't.
It turned out to be a problem in the IP addresses.
I ran the proxy with default settings, which is localhost (127.0.0.1) for both server and client part with respective ports 9000 and 9001. Which was wrong (for my situation).
To listen to the incoming connections from another machine, proxy has to be configured with real IP address of the machine it is running on, otherwise it won't listen.
In my case I have decided to run the proxy on the server, so I run it with just one parameter for the incoming client connections and leave the server parameter default (which is 127.0.0.1:9000 and of course configure XDebug in php.ini to this address and port).
dbgpProxy.exe -i 10.123.54.76:9001
Sorry for the basic question but im a complete noob on those matters.
I have a cloud server where i run a jup[yter notebook server, which normally is run on port 8888.
However when i try to connect to it from work, it doesnt work, which i suspect is due to the firewall.
I can connect from work to a regular ssh session through port 22 or 443.
However the jupyter notebook refuses to be run on those ports, probably because they are allocated already.
I tried to run PortQry to get the open ports on my work server (which is windows) and it reurned port 50248. I tried to have my jupyter server to listen on that one but it didnt work.
I also tried to scan the open port of my work server, but i received a warning from AWS! And the few ports that were returned as seemingly opened didnt work either when i set up my jupyter notebook to listen on them.
I would like to understand:
On my own server: How can i identify which port the jupyter server program can listen on?
On my work machine: How can i identify which one of my own server port would be let through the firewall of my work?
You need to use SSH local port forwarding.
https://help.ubuntu.com/community/SSH/OpenSSH/PortForwarding
You will open a SSH connection to your server but a local port, lets say 4444, will connect over the SSH connection and resolve to 8888 on the remote server.
With this you'd be able to open a browser locally and go to localhost:4444 and it would resolve to your remote hosted site. The command for this locally would be something like -
ssh -L 4444:localhost:8080 yourremoteserveraddress
An alternative option would be to use a SOCKS proxy via dynamic forwarding but this would involve needing to reconfigure your browser.
Always keep in mind any company policies around this type of thing. Even though 22 and 443 are open to the internet, use of them in this manner may break a policy and there is always the possibility of the company using a MITM proxy to monitor for this type of usage, specifically on 443.
I have configured jetty-maven-plugin in my eclipse Mars and I can run the server using jetty start and stop goals. I can able to access the website using http://localhost:8080/myapp but not using local IP address(i.e., http://192.168.0.5:8080/myapp) from my own computer or other computers connected in the same network via LAN and Wi-Fi.
As mentioned as a solution in these posts,
how to make jetty server accessible from LAN?
Configuring Jetty to accept connections from all hosts
I configured the server host to 0.0.0.0 from localhost to listen on all hosts. With this setting I can see on server start log,
INFO:oejs.AbstractConnector:Started SelectChannelConnector#0.0.0.0:8080
and it works only on http://localhost:8080 but it's not accessible from http://192.168.0.5:8080.
I also tried running that if the interface is accessible using the Networks Interface Listing as mentioned in this comment. and I got,
Display name: NETGEAR WNA1000M N150 Wireless USB Micro Adapter
Name: wlan4
InetAddress: /192.168.0.5
I also tried turning off my Windows Firewall/antivirus but din't help. My jetty version is <jetty.version>9.3.0.M1</jetty.version> and JDK 1.7. What could be the problem? Any help is appreciated.
McAfee Endpoint Security was the culprit here. It was blocking the requests with IP addresses from my very own computer. Turned off the firewall inside the Antivirus and I was able to access the site with http://192.168.0.5:8080/mysite from the browser and other devices connected through the network.
Sometimes some other program opens your port on external address before you do that with Jetty. It will receive all traffic instead. On Windows you will not know it if you reuse port (that is Jetty's default behavior). Check with netstat -ano what is the IP of the process that is indeed listening on 0.0.0.0:8080. Verify if it is your Jetty process only.
Then try connecting with telnet or netcat and see if you can open the connection and what is the response.
All connection attempts on RhodeCode on CentOS 6.3 are refused except from localhost.
Note that iptables is not running, and I am only trying to visit the web interface.
I have googled the exact error message below and looked around SO. I have yet to find a solution.
abort: error: No connection could be made because the target machine actively refused it
If the firewall is down, and I am not trying to modify any repository, what else is preventing me from connecting? EDIT: See #5 below. Not sure how to address it yet.
Things tried and other info
Using localhost, 127.0.0.1 and hostname in production.ini
service iptables stop
Connected over HTTP successfully. In other words, connections are accepted outside RhodeCode.
Made sure no authentication methods were enabled or configured in production.ini
Although the server accepts connections on localhost, netstat -l does not show that port 5000 is listening. Port 5000 is set in production.ini and ps uax | grep paster confirms the server is running. No other software tries to grab port 5000.
Ok, apparently I have been misunderstanding the host configuration. I was running on the assumption that host should be set to 127.0.0.1 or localhost in production.ini for RhodeCode to know what host to look for for another service. This was a faulty presumption on my part, since I am used to pointing web applications to local systems to look for databases.
It turns out that host binds the application to a specific address for access, meaning that it RhodeCode was supposed to only respond to local requests, regardless of what other system policies say. The setup docs did not make this clear because it did not specify that external connections would be refused. All it said was:
This command [paster serve] runs the RhodeCode server. The web app should be available at the 127.0.0.1:5000. This ip and port is configurable via the production.ini file created in previous step
The problem was fixed by binding RhodeCode to 0.0.0.0, which opened it to outside connections. Kudos to Ćukasz Balcerzak for pointing this out in the RC support google group.
Our application uses the PayPal api, in order to test it PayPal needs to be able to post data to a serlvet on our servers. This is no problem in production however when running in GWT-Dev mode I cannot seem to get GWT to work through my home router. GWT is running on port 8888 and I have added the needed firewall rules to get this to work.
Does GWT somehow stop requests from working from outside the local area network? I tried -bindAddress 192.167.x.x but it did not work.
For security reasons the jetty server used in gwt dev mode only binds to localhost.
If you want to bind it to all intefaces use the parameter -bindAddress 0.0.0.0
To make sure the servlets are reachable try to connect from a different host on your network (e.g. with Telnet).