HAProxy configuration ports issue - linux

Hi :) I have problem with HAProxy configuration. I have haproxy and two backend servers (backend servers listen on 1234 port)
It's my haproxu config:
frontend http_front
bind *:80
backend http_back
balance roundrobin
server server1 10.0.0.2:1234
server server2 10.0.0.3:1234
This config doesn't work, but when i add to frontend:
bind *:1234
It works great - i don't understand it because bind *:1234 inform only haproxy to listen on 1234 port nothing more. Have you any advices or explanations ?

Port 80 is a privileged port, this means that you can only start haproxy as root when you want that haproxy should listen on port 80.
Another reason could be that there is another server listen on port 80. Maybe a web server run also on this machine which listens on port 80.

Related

Cannot get AWS Elastic Beanstalk single instance (no load balancer) to listen on 443

No matter what I do I cannot get my application to listen on port 443 (https). I simply need nginx to forward traffic to my app which is running https on port 8080, but nginx will only listen on port 80 and will refuse to forward to my app unless it is also running on port 80.
I've followed the instructions in this article but it makes no difference.
I do not have a domain name yet, I am simply using a self signed cert so I don't believe certbot will help here.
Please help I am so frustrated hahaaaaaa

What else is required to access a node app from outside a Digital Ocean droplet?

We have set up a node server which runs on port 5000.
In a newly created droplet, we have installed and started nginx. To access the node app, we have changed the default port from 80 to 5000 in /etc/nginx/sites-enabled/default
server {
listen 5000 default_server;
listen [::]:5000 default_server;
ufw is enabled
sudo ufw enable
Also the port is enabled
sudo ufw allow 5000/tcp
Also, tried this way too:
sudo ufw allow 5000
As confirmed with sudo ufw status
netstat -ntlp
Also the app is configured to listen on the public interface
const server = app.listen(process.env.PORT || 5000, '0.0.0.0', () => {
console.log('Express server listening on port %d in %s mode', server.address().port, app.settings.env);
});
However, not even the default port was responding. Hence, we reverted to 80 as the default port.
What else is required to access node app outside of the droplet?
When it comes to NodeJS and NGINX, we'll want to configure NGINX to listen on port 80, though we'll want to use proxy_pass to pass the request from the web server (NGINX) to the NodeJS application on the port that the application is running on. This will allow us to keep the port out of the URL.
With the current configuration, NGINX would be listening on port 5000 which would prevent the application from being able to listen in on the same port (or vice versa).
There is an excellent guide that covers setting up NodeJS + NGINX -- this specific part is the most important:
https://www.digitalocean.com/community/tutorials/how-to-set-up-a-node-js-application-for-production-on-ubuntu-16-04#set-up-nginx-as-a-reverse-proxy-server
The above covers how we'd go about setting up the Server Block :-)

Meteor app running on 127.0.0.1 instead of 0.0.0.0

I have my meteor app running on my production server. I have a reverse proxy setup on a different server.
A curl from my reverse proxy server to my app server gives me a Connection Refused.
My app is running on port 8080 and my firewall allows access to the port. I suspect the reason for the connection refused is that my app is running on 127.0.0.1 instead of 0.0.0.0
On running sudo netstat -tapn I get a
tcp 0 0 127.0.0.1:8080 0.0.0.0:* LISTEN 14391/node
How do I get the app to run on 0.0.0.0. If this is not the reason, what else could cause a connection refused?
127.0.0.1 is the loopback IP it's usually the same as localhost (as defined in your hosts file). you should never be able to connect to that IP from the outside. 0.0.0.0 binds to all IPs on the server, which is accessible from the outside.

Disable Port blocking on linux

I have shut down iptables for my server, inspite of that when I check on http://www.yougetsignal.com/tools/open-ports/ it says my ports are not open.
Where do I have to specify to open ports. I am running a linux server
Is your server/PC behind a NAT router? If so, you may need to port forward the required ports to your server/PC. A helpful website for guides on how to do so (as it depends on your router model) is http://portforward.com/
If your server is not behind a NAT router or if you've verified you're port forwarding, is the application that's supposed to be listening on the specific port even running? Try this:
netstat -anp | grep <port number>
Netstat manual page: http://linux.die.net/man/8/netstat
If you can't find the port as listening on netstat, make sure that the application is running.
You need a server program (daemon) running on a machine listening on a port for that port to be open.
Setup the 'nmap' package on your server with 'yum install nmap -y' and check listening ports on your server:
nmap localhost
If you can see your port listening then you need to check your router for proper port forwarding, else you need to make sure that your application is working and listening for the port.
For the example, Apache2 will listen for port 80 by default.

Redirect a domain to a ip and port

I have a node.js server listening on port 4000
how can I redirect my domain name: www.mydomain.com to a ip and port? The domain provider only allows an ip address without a portnumber in the redirection field. If I do a URL redirect, then the name of my side is not shown.
Please let me know how can I redirect it to my domain?
121.12.12.123:4000 redirect to www.mydomain.com
HTTP requests usually come in on port 80. When you type in a domain and do not specify a port, it automatically connects to port 80. You have a few options. You can run your Node.js server as root and have it listen on port 80, but it's not recommended.
You can also setup a Nginx on port 80 and use it to reverse proxy requests to your Node.js process which is listening on port 4000, but this introduces another component in your stack to manage and introduces a little bit of overhead for each request.
The way I prefer to handle this is to setup a redirect in iptables (assuming you're using Linux).
sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 4000
That will redirect all traffic from port 80 to port 4000, where you're listening Node.js process is.
That allows you to run your Node.js process as an unprivileged user, but still answer requests on port 80.
Once you've done that than you can simply point your domain to the IP address of the server and normal web requests should work. Just be sure you have port 80 open on any firewalls first.
try this code
var httpProxy = require('http-proxy');
httpProxy.createProxyServer({target:'http://localhost:4000'}).listen(80);

Resources