I am setting up a Rest API on AWS EC2 and configuring the instance.
I have a problem and it is that despite being able to connect via ssh, I cannot make an API call on port 5000.
The VM has nothing configured, only Node and PM2.
Trying to enter through the public DNS I can't establish a connection either.
I have these security groups enabled.
5000 TCP 0.0.0.0/0
22 TCP 0.0.0.0/0
5000 TCP ::/0
443 TCP 0.0.0.0/0
443 TCP ::/0
80 TCP 0.0.0.0/0
80 TCP ::/0
Can someone help me with this? I don't understand what is happening.
What is the exact error is it timing out ?
If yes then the error is with the security group if not try doing ssh to your container and ping it locally using curl localhost command you might find that the pm2 server is not running the app properly
Related
Can't access node.js API on port 3000 on AWS EC2 instance, but netstat shows port :3000 listening and my AWS security group has TCP rules for this port. What else could the problem be?
I've tried changing port, setting security group rules and adding port to iptables and it didn't work. I'm using node 10.6.0.
When I use netstat -tulpn | grep LISTEN it contains the following line:
tcp 0 0 127.0.0.1:3000 0.0.0.0:* LISTEN 8270/node
When i try to access myip:3000/socket (my node endpoint) it shows: ERR_CONNECTION_REFUSED
I have a running AWS EC2 instance on an Ubuntu machine running a Nodejs server.
Everything works fine then opening the website via its public ip on port 3000 likes this:
http://XX.XXX.XXX.XXX:3000
Now I want to redirect all requests from port 80 to this port 3000 via iptables like described in this video: https://www.youtube.com/watch?v=WxhFq64FQzA via
sudo iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3000.
Unfortunately I am getting this error: http://prntscr.com/lja6hx when opening the site like this: http://XX.XXX.XXX.XXX (without port 3000 specified)
P.S.: I'm not really sure if my approach is correct. I am open to other ways of achieving a redirect from port 80 (http) to port 3000
As #Vorsprung suggested I should use an Application Load Balancer. I did this but it's still not working. Here is my setup:
My Application Load Balancer Listener
The Target Group I'm forwarding to in my ALB
My hosted zone (I've added the alias for the ALB here)
Please let me know if something is missing
either use nginx see https://nodebb.readthedocs.io/en/latest/configuring/proxies/nginx.html
or
you are on AWS! Use an ALB.. see https://docs.aws.amazon.com/elasticloadbalancing/latest/application/application-load-balancer-tutorials.html
I'm trying to deploy my application over Amazon EC2 instance, I couldn't reach my application over the public IP address. Such as 34.54.23.22:4200:
I've changed the security group and allowed TCP connection for port
4200
Nodejs is working fine, I've install it.
Ng serve is working
My inbound rules :
80 tcp 0.0.0.0/0, ::/0
4100 tcp 0.0.0.0/0, ::/0
443 tcp 0.0.0.0/0, ::/0
22 tcp 0.0.0.0/0
Thanks in advance!
I think the culprit is in how you do your ng serve. If you just did that command as is it won't work because you aren't allowing connections from the outside. For production deployment I highly recommend you use a true server like nginx or apache to serve your bundles (run ng build --prod).
To address your current situation you should be able to hit your page if you run ng serve --host 0.0.0.0 --port 80 which will allow connections on port 80 from most anywhere. Just be sure your server has said port open as well.
from this article: https://docs.newrelic.com/docs/apm/new-relic-apm/getting-started/networks
it suggests me to allow outgoing firewall with following ips and ports:
Networks
50.31.164.0/24
162.247.240.0/22
Ports
TCP 80
TCP 443
I'm using ufw, how can i do it?
I've tried this:
sudo ufw allow proto tcp from 50.31.164.0/24 port 80
sudo ufw allow proto tcp from 50.31.164.0/24 port 443
sudo ufw allow proto tcp from 162.247.240.0/22 port 80
sudo ufw allow proto tcp from 162.247.240.0/22 port 443
When I check my rules: they are like this:
Am I doing this right?
You already allow connections from anywhere to 80 & 443, so you don't need the extra allow statements for their specific IP ranges.
The request for outgoing connections is if you are running say your corporate site through it but are filtering outgoing traffic from your LAN (ie, only being able to get to a schools website from a kiosk in their hallway or from a lab) and you want people on your local network to be able to access it.
My laptop is running a local neo4j server. I can use it with localhost:7474 but when i try connecting it with 192.168.1.12:7474 it is unreacheable.
Turns out linux is blocking connections other than web server port 80. Because i can access my Apache server on 192.168.1.12/
I am trying to allow TCP connections on port 7474 by using
iptables -A TCP -p tcp --dport 7474 -j ACCEPT
but it gives a response as -
iptables: No chain/target/match by that name.
How can i make other clients access neo4j server running at my laptop on port 7474. My laptop IP addr is 192.168.1.12.
I doubt that it is blocking it. Probably your neo4j server is only running at 127.0.0.1. You can check this out with netstat -nplt: you will probably see something (the apache) listening on 0.0.0.0:80 or :::80 (e.g. catchall address) but on port 7474 you will probably only see 127.0.0.1:7474 or ::1:7474. If this is the case you need to reconfigure your neo4j server to listen not only on localhost (don't know how, checkout the documentation).
Okay. I had uncommented the webserver address line but it still wasn't working.
So i reinstalled neo4j. That solved it. Weird but worked.