I have a domain and hosting so I want to deploy nodejs in a Windows environment. However when I tried to find the best way to deploy it they are all related to running nodejs in a linux environment.
so how do I deploy it in a windows environment?
When you map a domain name to an IP address, all traffic is going to come in on port 80 (http) & 443 (https), by default.
Here is a solution:
Suppose your domain name is example.app.com with its public IP address as 127.65.43.21:80.
Start your server on localhost:8081
Add "local DNS" in the hosts file as a new line
127.65.43.21 example.app
Any free address in the network 127.0.0.0/8 (127.x.x.x) can be used.
Assuming 127.65.43.21:80 is not occupied by another service.
You can check with netstat -a -n -p TCP in powershell ran as Admin
Add the following network configuration with netsh command utility:
netsh interface portproxy add v4tov4 listenport=80 listenaddress=127.65.43.21 connectport=8081 connectaddress=127.0.0.1
You can now access the server at http://example.app.com
You can see the entry you have added with the command:
netsh interface portproxy show v4tov4
You can remove the entry with the following command:
netsh interface portproxy delete v4tov4 listenport=80 listenaddress=127.65.43.21
Hope this answers your query.
Related
When configuring ddev with a project TLD it becomes unreachable when replacing "docker desktop" with "docker-ce".
project_tld: testing
How can I reach the project again from my local machine and from our company LAN?
The reason for the website becoming unreachable is that WSL2 only binds ports to the localhost and not to every interface.
Docker desktop itself binds to every interface and forwards everything to WSL2 that is why it worked. For docker-ce a manual solution is required.
The problem is documented in the wsl documentation and a solution is described.
A script for discovering and setting the port forwarding automatically is found in an older WSL2 issue on github.
With the localhostForwarding option set (documentation) for WSL2 the following commands work too:
netsh interface portproxy add v4tov4 listenport=80 connectport=80 connectaddress=127.0.0.1
netsh interface portproxy add v4tov4 listenport=443 connectport=443 connectaddress=127.0.0.1
In some future version Microsoft may bring the bridged networking option back for WSL2 see issue discussion.
Edit: After moving from Docker Desktop to docker-ce I have discovered that my solution doesn't work as it prevents wsl from listening to the 127.0.0.1:80/443 after a restart. The powershell solution in the fourth link works as it directly connects to the wsl ip adress.
Background: I'm trying to have XDebug connect to my IDE from within a docker container (my php app is running inside a container on my development machine). On my Macbook, it has no issue doing this. However, on linux, I discovered that from within the container, the port I was using (9000) was not visibile on the host gateway (Using sudo nmap -sT -p- 172.20.0.1 where 172.20.0.1 is my host gateway in docker).
I was able to fix this issue by opening port 9000 on my development machine (sudo ufw allow 9000/tcp). Once I did this, the container could see port 9000 on the host gateway.
My Question: Is this completely necessary? I don't love the idea of opening up a firewall port just so a docker container, running on my machine, can connect to it. Is there a more secure alternative to this?
From what you've told us, opening the port does sound necessary. If a firewall blocks a port, all traffic over that port is blocked and you won't be able to use the application on the container from the host machine.
What you can do to make this more secure is to specify a specific interface to open the port for as specified here:
ufw allow in on docker0 port 9000 proto tcp
Obviously replace docker0 with the docker interface on your machine. You can find this by looking at the output of ip address show or by following the steps here if the interface name is not obvious.
So I have this setup, I have a Windows Server 2019 with a RASA open source server installed.
RASA works on Port 5005 so I added an inbound port for 5005.
So on my computer I tried accessing use < Public IP > :5005 and it didn't work even though if I use use < Private IP > :5005 or localhost:5005 in the virtual machine it works fine.
I also tried accessing the use < Public IP > :5005 inside the virtual machine and it didn't work.
The error is took to long to respond
Am I missing something?
In this case, you could add a rule to the Windows firewall inside the Server to expose the port for the public and private profiles. You could open a command prompt as an administrator on Azure VM and run the following command.
netsh advfirewall firewall add rule name=RASA dir=in action=allow protocol=TCP localport=5005
I'm running a brand new droplet in digital ocean running on Ubuntu 18.04.3 (LTS) x64, neo4j status is active and remote interface available on port 7474.
Using lynx via ssh to browse to localhost:7474 works, neo4j is alive and active.
Pinging works
Firewall asigned to allow all traffic but also specifically those ports
Browsing to the ip address on any port does not work
Used ufw to manually add port 80, 443, 7474 to allow access
Cannot connect via browser to the droplet on any port
Firewall configuration:
UFW Status:
Can you make sure the following line in your neo4j.conf file is uncommented :
# With default configuration Neo4j only accepts local connections.
# To accept non-local connections, uncomment this line:
dbms.connectors.default_listen_address=0.0.0.0
I'm running a "hello world" http server using node.js on Fedora 20.
I can see "hello world" using my Firefox by typing any of the following in my address bar: 192.168.2.85, localhost, 0.0.0.0, 192.168.122.1
I thought I would be able to open a browser on my wife's computer when she's connected to the same DCHP NAT router, type 192.168.2.85 in the address bar, and see "hello world".
However, her Chrome33 says "This webpage is not available" or "Oops! ...could not connect to 192.168.2.25." Her IE9 says "...cannot display the webpage." But from her command prompt I can ping 192.168.2.85.
On her computer (Windows 7), I tried turning off Windows Firewall and turning off antivirus.
On my computer, I tried
iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
On our microsoft router, I tried Persistent Port Forwarding (inbound port range 80-80, private port range 80-80, type TCP, Private ip 192.168.2.85) and Enable virtual DMZ for 192.168.2.85. (I hope I'm not giving enough info to allow an attack?) I saw no reference to WDS in my router.
what should I do to make my node.js app available to other computers in my home? I'm new to all this.
Here's some more details . . .
netstat -ntlp
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 4566/node
cat test.js
var http = require("http");
var app = http.createServer(function(request, response) {
response.writeHead(200, {
"Content-Type": "text/plain"
});
response.end("hello world\n");
});
app.listen(80); //192.168.2.85
console.log("Server running...");
I've looked at:
Cannot browse site hosted on local machine from a mobile
Node.js connect only works on localhost
How do I run Node.js on port 80?
connecting to node.js http server on linux machine from windows machine
Node.JS Not working on the internet
and others.
If you have a Linux server without a GUI, you can set up the firewall manually using the firewall-cmd command...
# list current settings prior to changes; this is your baseline
firewall-cmd --zone=internal --list-all
# add the http services (https is optional based on your needs)
firewall-cmd --zone=internal --add-service=http
firewall-cmd --zone=internal --add-service=https
# I am using port 8080 with node.js just to differentiate it (optional)
firewall-cmd --zone=internal --add-port=8080/tcp
# the zone 'public' is the default zone on my machine but it is not
# associated with the eth0 network adapter. however, the zone 'internal' is,
# therefore, make 'internal' the default zone
firewall-cmd --set-default-zone=internal
# make the changes permanent so that they are present between reboots
firewall-cmd --runtime-to-permanent
# reload all of the firewall rules for good measure
firewall-cmd --complete-reload
# list out the current settings after changes
firewall-cmd --zone=internal --list-all
That's it. Hope this helps someone.
First, I added a zone line to the ifcfg file for the home network.
# vi /etc/sysconfig/network-scripts/ifcfg-<router-ssid-name>
. . .
ZONE=internal
Then I rebooted to ensure change took place.
Then in terminal I typed
firewall-config
It opens in the public zone, which is default, and allows the administrator to select trusted services.
(If I get 10 reputation points I can include my screenshot here.)
If the ZONE is not set in ifcfg as above, then selecting the (public) http checkbox will still work.
But if ZONE=internal in the ifcfg file, then click on internal zone and select http there, for the added security. (Or I could have used ZONE=home or ZONE=work or ZONE=trusted. Same idea.) The change is immediately applied. The other computer's browser could see my "hello world".
Finally, at the top, I changed Runtime to Permanent from the dropdown list and closed the window.
I had thought I was accomplishing the same thing earlier when I tried
iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
so I guess I need to look into what the difference is.
Thanks to jfriend00 for pointing me in the right direction. (If I had reputation I would upvote your comment.)