I'm trying to set up mongodb on webfaction. It works fine, currently running on port 36505 on the server. I can connect to it on the server just fine. But per the firewall, I can't connect to 36505 on the server from the 'net.
I can expose the port by mapping the port to port 80 under a sub-path. So I can make 1.1.1.1:36505 to 1.1.1.1:80/mongodb
My question is how do I actually connect to that? I'm not sure if mongo supports subpaths on port 80 or not...
The problem with what you are doing here is that the WebFaction firewall will prevent direct connections to your MongoDB instance because it isn't speaking straight HTTP and you don't have access to make it use port 80. The simple fix for this is to get a dedicated IP address and then have the support team open a hole in the firewall in order for you to connect directly to the database that way.
Here is an example on the WebFaction community page:
http://community.webfaction.com/questions/3448/using-websockets-with-a-nodejs-custom-app
Related
I am attempting to set up an apache2 web server on my raspberry pi. I am able to connect to it by doing http://localhost:8080 (8080 because my router blocks port 80). Although when I do http://my.pub.lic.ip:8080 the connection times out. I set up port forwarding so that requests going to my router on port 8080 go to my raspberry pi on port 8080. This does not seem to work but I'm also not sure if the port forwarding is the cause or if it is something else. Any suggestions?
Is your web server configured to listen on the network interface besides localhost?
https://httpd.apache.org/docs/2.4/bind.html
For example, to make the server accept connections on both port 80 and port 8000, on all interfaces, use:
Listen 80
Listen 8000
To make the server accept connections on port 80 for one interface, and port 8000 on another, use
Listen 192.0.2.1:80
Listen 192.0.2.5:8000
You can try using nmap by finding your router's public IP and on the raspberry pi type nmap my.pub.lic.ip This will show you what services are actually being published to the world. This gives more insight to the problem.
I got the web server up and running although for some reason it appears that my isp would only allow it to be hosted securely (as an https page)(I'm not sure if that's the right way to phrase it). To achieve this for free, I used cloudflare's ssl service. A tutorial to set it up for apache2 can be found here
(I've searched SO, AWS support and more widely without success.)
I've just successfully deployed a MEANjs application to a Bitnami MEAN instance on EC2, following Ahmed Haque's excellent tutorial on scotch.io. As part of the tutorial/deployment I altered the AWS Security Group to include port 27017 for MongoDB traffic. The CIDR notation for the port 27017 was 0.0.0.0/0 - which AFAIK means 'allow access from any IP address'.
Question: Why does MongoDB port 27017 need to be opened in AWS EC2
Security Group for a 'production' type environment? Surely this is directly exposing the DB to the
Internet. The only thing that should be talking to Mongo is the
"/server/api" code, which is running on the same instance -
and so shouldn't need the port opening.
If I change the Security Group rule for port 27017 by closing off 27017, changing the source to: localhost, the internal IP address, the public IP address, or hack a CIDR to be equivalent to any of those - then the web app hangs (static content returns but no responses to db backed api calls). Changing the SG rule back to 0.0.0.0/0 almost immediately 'fixes' the hang.
All is otherwise sweet with my install. I've closed port 3000 (the node app) in the Security Group and am using Apache to proxy port 80 traffic to port 3000. Set up like this, port 3000 does not need to be open in the Security Group; to me this implies that on-instance traffic doesn't need ports to be externally exposed - so how come that's not true of the Mongo port?
I cant see anything in the '/client' code which is talking direct to Mongo.
What am I missing?
Thanks in advance - John
OK, after further investigation and overnight/red wine reflection I think I have an answer for those learners like me following the above tutorial (or similar). Following the Agile principle that 'done' means 'working code in a production environment' I was trying to understand the last 5 meters as a developer trying to get code working in a representative production environment (which wouldn't have unnecessary ports open) - this answer is written from that perspective. (Builds welcome from wiser readers.)
What's Happening
The step in the tutorial which (a) changed the Mongo bind IP address from 127.0.0.1 to 0.0.0.0, and (b) specifies a connection URL which uses the external IP address of the same instance, appears to have two effects:
It makes the MongoDB on the instance you're configuring potentially available to other instances (0.0.0.0 tells Mongo to "listen on all available network interfaces".)
It means that the IP traffic from your MEAN app /server component on the same instance will talk to Mongo as though it was coming from off-instance (even though it's on the same instance). Hence the Security Group needs to make port 27017 open to allow this traffic to flow. (This is the nub of the issue in terms of MEANjs stack component interaction.)
Fix
On a single instance MEANjs server, if you change the Mongo bind IP address back to 127.0.0.1 and the Mongo connection url to be 127.0.0.1:27017 then you can close off port 27017 in the EC2 Security Group and the app still works.
To share one MongoDB across more than one MEANjs app server (without wanting to stray into serverfault territory):
Change the Mongo bind IP address to 0.0.0.0,
Use the private IP address of the Mongo server in other app/instance connection strings
Add a EC2 Security Group CIDR rule of private IP address/24, or private IP address/16 to allow access across instances in the specified internal IP address range.
The above is developer 'hack', not a recommendation for good practice.
I am trying to make my XAMPP server public on the internet. But when i try to access it using my ip adress it says connection refuzed. I have followed lots of tutorials but most of them are for older versions. I have set the 80,443 ports on and have added them as a firewall exception but it still not working. Can you please give me some sugestions?
The idea is the same no matter the version of XAMPP you are using.
It's not clear if you configured port forward on your router (all connections on ports 80 or 443 will be forwarded to the XAMPP "server"). You should do this orderwise the incoming connection will never be redirected properly.
I am not sure if ISPs can block external access to ports 80 or 443, but you can also configure an alternative port, like 8000, to be forwarded to 80 internally, then you access your server using http://[your_public_IP]:8000
There are some sites you can use to check your public IP, like: http://whatismyipaddress.com/.
I just want to know if I can forward port 80 or 8080 or 21 on my router just to check if those ports are open to public. I don't have a server running on my PC though. I'm sure it's possible if a server is running and configured.
This is a very detailed link on how to do it , but i guess it is also depends on the router you've got .
http://www.pcworld.com/article/244314/how_to_forward_ports_on_your_router.html
I have a web server running out of my home. I have assigned it an address such as 192.168.1.123 on port 80.
I understand that this is running on my local network. If I go to another computer on my network and type in the server's ip address, I can see the server.
Is there a way to access this server from outside my LAN?
Yes, you need to set your router to forward connections to port 80 to your internal IP address (192.168.1.123). Look for Port Forwarding on your router admin screen which I would imagine you access by going to http://192.168.1.1
Keep in mind that your ISP may block port 80 completely in which case you can run your web server on a different port (for example por 8180) and have your router forward connections to port 8180 to your internal IP.
To access your server from outside, you just need to point your browser to your external IP address which you can find out by going to http://www.ipchicken.com
Assuming you have a connection to the internet:
https://github.com/progrium/localtunnel
is a quick way to access your local server from the internet. There might be similar implementations in other languages/platforms. This is just the one I know about.
Remember that security issues need to be carefully considered when opening your local network to the world.
If you use a PHP Webserver you can set it this way:
php -S <YourIPAdresse>:<SomePortNumber> <StartPHPpage>
Example: „php -S 192.168.1.123:9000 index.php"