"By default, Caddy will bind to ports 80 and 443 to serve HTTPS and redirect HTTP to HTTPS." (https://caddyserver.com/docs/automatic-https)
How can we change this port?
Background:
In our setup, Caddy runs behind an AWS load balancer which forwards requests from port 443 to port 4443. Therefore, we would like to have Caddy listen on 4443. (We use the DNS challenge.)
According to the documentation:
The first line of the Caddyfile is always the address of the site to serve.
In your Caddyfile:
<domain>:<port>
Example:
localhost:8080
You should be able to do this
https://example.com:4443 {
# config info
}
Above answers are both good, but if you want to run on specific port and have other reverse proxy redirecting from yourdomain.com:443 to <MY_SERVER_IP>:4443, you can use global settings
{
http_port 880
https_port 4443
}
mydomain.com {
...
}
Only use this when you want your server to run on 4443 but be able to accept requests where Host: mydomain.com is present (host doesn't have :4443 port)
Related
No matter what I do I cannot get my application to listen on port 443 (https). I simply need nginx to forward traffic to my app which is running https on port 8080, but nginx will only listen on port 80 and will refuse to forward to my app unless it is also running on port 80.
I've followed the instructions in this article but it makes no difference.
I do not have a domain name yet, I am simply using a self signed cert so I don't believe certbot will help here.
Please help I am so frustrated hahaaaaaa
I have configured gitlab so that I can only connect to it from a specific ip address. In gitlab.rb file I configured the url this way:
external_url 'gitlab.example.pl:2000'
and also configured ufw:
[ 1] 2000 ALLOW IN 192.169.0.1/24
When I want to access gitlab by browser I have to type additionally port 2000, so I would like to port forwarding to 443. I can't give access to port 443 only to a specific ip address in ufw because i configured mattermost in this same server and must be access from everywhere. I tried port forwarding with apache2 or ngnix but gitlab listens on port 80 and because of this apache2 and nginx are not working. I also tried find solution in file gitlab.rb
nginx['listen_port'] = 443
nginx['redirect_http_to_https_port'] = 80
nginx['redirect_http_to_https'] = false
Please give me a solution to this problem.
You do you not have to configure listeners for gitlab and mattermost separately. Both your mattermost and gitlab URL will point to the same IP address and port and both should route to NGINX.
NGINX will route traffic appropriately to gitlab or mattermost based on the hostname header. Just configure the external_url for gitlab and mattermost_external_url for mattermost appropriately within the same gitlab installation. There's no particular need to put apache in front of gitlab's nginx.
external_url 'https://gitlab.example.com'
mattermost_external_url 'https://mattermost.example.com'
nginx['listen_port'] = 443
nginx['listen_https'] = true
As long as your firewall allows traffic on port 443 to nginx, you're OK. If you need that to be a specific IP address, set nginx['listen_address'].
It is written that now CloudFlare supports 2087 as a port for Https
I have a domain lets say www.somethign.com and it is secure using CloudFlare
I run my node.js on a specific port.
If I choose a port 8080, which is a port allowed for http, and then i call my page like:
http://www.mydomaidnExample.com:8080/webhook
it works perfectly.
but when I set a port for https, such as 2087 and call it like
http://www.mydomadin.com:2087/webhook
i get this error
What should I do please ?
Note that this url
localhost:2087/webhook
is working on the server
Update
Firewall is already off
When using CloudFlare there are restrictions around which ports you connect through for security reasons, the 2087 port is reserved for SSL usage:
For requests made via HTTP:
80
8080
8880
2052
2082
2086
2095
For requests made via HTTPS:
443
2053
2083
2087
2096
8443
Therefore, when using Full SSL mode within CloudFlare and you connect over port 2087 the connection to the origin will be over SSL, if you want to disable this you can use a Page Rule to turn SSL to Flexible on that port.
I have a node.js server listening on port 4000
how can I redirect my domain name: www.mydomain.com to a ip and port? The domain provider only allows an ip address without a portnumber in the redirection field. If I do a URL redirect, then the name of my side is not shown.
Please let me know how can I redirect it to my domain?
121.12.12.123:4000 redirect to www.mydomain.com
HTTP requests usually come in on port 80. When you type in a domain and do not specify a port, it automatically connects to port 80. You have a few options. You can run your Node.js server as root and have it listen on port 80, but it's not recommended.
You can also setup a Nginx on port 80 and use it to reverse proxy requests to your Node.js process which is listening on port 4000, but this introduces another component in your stack to manage and introduces a little bit of overhead for each request.
The way I prefer to handle this is to setup a redirect in iptables (assuming you're using Linux).
sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 4000
That will redirect all traffic from port 80 to port 4000, where you're listening Node.js process is.
That allows you to run your Node.js process as an unprivileged user, but still answer requests on port 80.
Once you've done that than you can simply point your domain to the IP address of the server and normal web requests should work. Just be sure you have port 80 open on any firewalls first.
try this code
var httpProxy = require('http-proxy');
httpProxy.createProxyServer({target:'http://localhost:4000'}).listen(80);
Now, I had patched nginx with the nginx_tcp_proxy_module, and it is running OK on port 8080.
How do I connect the clients to port 80 of nignx, not port 8080 of Node.js,
so that having the nginx forward the request to Node.js?
Just change 8080 to 80. But TCP and HTTP on the same port is not possible.
Aleternative solution:
Use HAProxy on port 80
Set up nginx to listen on port 81
Run your node.js app on port 8080
Configure HAProxy to
forward Host: your.nodejs.socketio.com to 127.0.0.1:8080
forward everything else to 127.0.0.1:81
If you go down this route you will probably want to preserve client IPs:
Configure HAproxy
Use RealIP module in nginx
Use X-Forwarded-For in socket.io
socketio.handshakeData = function(data) {
var d = socketio.Manager.prototype.handshakeData(data);
d.ip = data.request.headers['x-forwarded-for'] || data.request.connection.remoteAddress;
return d;
};