I have a running AWS EC2 instance on an Ubuntu machine running a Nodejs server.
Everything works fine then opening the website via its public ip on port 3000 likes this:
http://XX.XXX.XXX.XXX:3000
Now I want to redirect all requests from port 80 to this port 3000 via iptables like described in this video: https://www.youtube.com/watch?v=WxhFq64FQzA via
sudo iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3000.
Unfortunately I am getting this error: http://prntscr.com/lja6hx when opening the site like this: http://XX.XXX.XXX.XXX (without port 3000 specified)
P.S.: I'm not really sure if my approach is correct. I am open to other ways of achieving a redirect from port 80 (http) to port 3000
As #Vorsprung suggested I should use an Application Load Balancer. I did this but it's still not working. Here is my setup:
My Application Load Balancer Listener
The Target Group I'm forwarding to in my ALB
My hosted zone (I've added the alias for the ALB here)
Please let me know if something is missing
either use nginx see https://nodebb.readthedocs.io/en/latest/configuring/proxies/nginx.html
or
you are on AWS! Use an ALB.. see https://docs.aws.amazon.com/elasticloadbalancing/latest/application/application-load-balancer-tutorials.html
Related
I am using AWS lightsail for the first time. I cloned my git repository to my htdocs and opened port 3000 on my networking ipv4 firewall. What im trying to do is load my node site with my aws static IP. It currently works when I specify the specific port like: 98.222.124.4:3000 but I wanted it to load the site without having to specify the port so I followed the steps found here https://docs.bitnami.com/ibm/infrastructure/nodejs/administration/create-custom-application-nodejs/ under "Create A Custom Virtual Host" but the specified method is not working. I still need to specify the port in order for the site to load. What I basically did was edit the documentRoot and directory paths to my repositories location then restarted apache but this didn't let me access the site without the port. Where did I go wrong. How can I load the site without specifying a port in the url?
It took me a minute to land on this solution but the only method that worked was this:
First try this after installing iptables:
sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3000
What you basically did is forward all port 80 traffic to port 3000. Then check and see if site is loading without specifying the port in URL. If it works go to step 2.
Step 2:
open the /etc/rc.local file with vim or other editor and add
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3000 to the file. Notice sudo is not included because the file already runs as root. We are implementing step 2 because we want the port redirected when the machine boots up.
I have a simple Python server on a DigitalOcean Ubuntu droplet that should serve the index.html file in the /dist folder:
port = 8000
os.chdir(os.path.join(os.path.dirname(__file__), 'dist'))
Handler = http.server.SimpleHTTPRequestHandler
httpd = socketserver.TCPServer(('', port), Handler)
print('Serving at port ', port)
httpd.serve_forever()
I ran 'sudo ufw allow 80/tcp' to open the firewall and if I run ufw status it shows port 80 as being open to everybody. I ran 'sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8000' to redirect traffic from port 80 to port 8000.
If I run nmap from another box, the only open port is ssh on 22. Port 80 is filtered. Navigating to the host in my browser results in a connection timeout. What could be causing this?
It turns out I had to enable the DigitalOcean firewall and apply the correct rules, otherwise without the firewall it was just blocking ports by default.
It's my first time when I try configure a server running on Amazon EC2.
I figured out how run my node app on 80 port but now I'm trying to run on 443 port with Letsencrypt SSL. Before to work on 80 port I added
sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 3000
and
sudo iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT --to-ports 3000
and everything worked fine. But now after install Letsencrypt I try to do same thing but with 433 port instead 80 and it's not working.
Letsencrypt config automatically for me all files so now redirect from http to https is working fine and when my iptable is empty on https:// I see ubuntu default website. When I run lines mentioned above with 443 port app is still not working (browser can't even load anything). It's only working with http:/...:3000
I've added 443 port to Security Groups on EC2.
What I can do? Thanks.
You need to check your security group Inbound/Outbound rules, you need to see if port 443 is assigned to which host. A valid but dangerous configuration, just for testing, is allow everything on Inbound and Outbound, to see if its a problem on your Security Group.
Beyond that, you need to be sure if the binding port is listening. Are you using Amazon Linux?
I'm having trouble accessing my website through HTTP with an EC2 instance. I've tried changing the security setting by allowing HTTP on port 80, but it still doesn't work. SSH however is working fine. What could be the issue?
This is embarrassing, but the reason I couldn't connect to my EC2 instance was because my node js app never actually started a server for me to listen on port 80.
Adding this simple snippet of code
var server = app.listen(8080, function () {
var host = server.address().address
var port = server.address().port
console.log('Example app listening, host, port)
})
Along with this shell command for redirecting fixed the issue.
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to 8080
Could check ip-tables if it is blocking 80, check the security group if the TCP for PORT 80 is open to your IP address or ( 0.0.0.0/0 ).
Given that you are able to SSH but not http, check if you can replicate the same settings in the SG which has the config for SSH 22 - also kindly look if the web-server ( or process ) is up and running in PORT 80.
First, login that instance, and run the command to confirm http service is running.
telnet INSTANCE_public_DNS_name 80
Then run the same command for your remote machine to confirm if there are any firewall issues.
If there is problem to telnet, then click the instance name, and go to description --> Security groups --> view rules.
You should see the port opened. If not, create a new security group or edit exist security groups, and assign to that instance.
I have a node.js server listening on port 4000
how can I redirect my domain name: www.mydomain.com to a ip and port? The domain provider only allows an ip address without a portnumber in the redirection field. If I do a URL redirect, then the name of my side is not shown.
Please let me know how can I redirect it to my domain?
121.12.12.123:4000 redirect to www.mydomain.com
HTTP requests usually come in on port 80. When you type in a domain and do not specify a port, it automatically connects to port 80. You have a few options. You can run your Node.js server as root and have it listen on port 80, but it's not recommended.
You can also setup a Nginx on port 80 and use it to reverse proxy requests to your Node.js process which is listening on port 4000, but this introduces another component in your stack to manage and introduces a little bit of overhead for each request.
The way I prefer to handle this is to setup a redirect in iptables (assuming you're using Linux).
sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 4000
That will redirect all traffic from port 80 to port 4000, where you're listening Node.js process is.
That allows you to run your Node.js process as an unprivileged user, but still answer requests on port 80.
Once you've done that than you can simply point your domain to the IP address of the server and normal web requests should work. Just be sure you have port 80 open on any firewalls first.
try this code
var httpProxy = require('http-proxy');
httpProxy.createProxyServer({target:'http://localhost:4000'}).listen(80);