I have two servers running on Amazon's EC2. One is a standard web server running LAMP (this is behind an elastic load balancer), the other a Node.js server with Express and socket.io installed. On that Node server I have my server.js file (this file is automatically loaded on server start).
var app = require('express')();
var server = require('http').Server(app);
var io = require('socket.io')(server);
server.listen(8080);
io.on('connection', function (socket) {
socket.on('join', function() {
console.log('joined');
}
}
On the LAMP server, clients connect to this external server by:
<script src="https://cdn.socket.io/socket.io-1.3.4.js"></script>
var socket = io.connect('http://URL_HERE:8080');
socket.on('connect', function() {
socket.emit('join', room_id);
});
The problem, though, is that console spits out ERR_NETWORK_ACCESS_DENIED continuously, suggesting that access to that port is blocked. However, the inbound rules for the Node server are as follows:
Custom TCP Rule -- TCP -- 8080 -- 0.0.0.0/0 (Anywhere)
HTTP -- TCP -- 80 -- My IP
HTTPS -- TCP -- 443 -- My IP
I have tried all sorts by more or less completely opening the inbound ports, but to no avail. It may be worth nothing as well that the only way for people to access the client script (the LAMP server) is through a load balancer - you cannot directly access the LAMP server. The load balancers inbound rules are as follows:
Custom TCP Rule -- TCP -- 8080 -- 0.0.0.0/0 (Anywhere)
HTTP -- TCP -- 80 -- 0.0.0.0/0 (Anywhere)
HTTPS -- TCP -- 443 -- 0.0.0.0/0 (Anywhere)
And the LAMP server's rules:
Custom TCP Rule -- TCP -- 8080 -- sg-elb_id
HTTP -- TCP -- 80 -- sg-elb_id
HTTPS -- TCP -- 443 -- sg-elb_id
... other irrelevant rules (SHH, MYSQL, ...)
Has anyone any idea why I'd be getting an access denied error? The Node server isn't behind the load balancer - it's in effect completely external to the process. All of the security groups are not restricted in regards to outbound rules.
Turns out the reason was it couldn't find the globally installed express or socket.io modules. Doing cd /var/www/html and then sudo npm link socket.io sudo npm link express resolved the issue.
Related
I've trying to run my nodejs/expressjs application on my godaddy server, but any port I use times out. I've tried using the application on my local device and it works fine. I have a snippet of my connection below.
var app = express();
app.listen(8080, function() {
console.log("Listening on port " + 8080);
});
When I run the program through ssh, I get no errors
node index.js
Listening on port 8080
But when I go to the corresponding location in my browser, I get:
xxx took too long to respond.
ERR_CONNECTION_TIMED_OUT
I'm pretty sure it has to do with running on the godaddy server. If anyone has experience using this service with nodejs, is there a specific port I should be using, or is there any other setup I should do?
Do you have a VPS with GoDaddy right? So I assume you have also root access.
SSH into your GoDaddy server as root and check if the node.js app actually listens on that port:
netstat -tunlp | grep 8080
If you see any result there for the node.js app and that port then the port is open.
By default, there should be a firewall on your server which might block most of the ports and allows only the necessary incoming traffic.
You can check if there is any rule for that port by issuing the command bellow:
iptables -nvL | grep 8080
If any result is returned, then you have to add an iptables rule to allow access to that port. There are multiple methods to do that:
permit full access from your IP access to the server
permit your ip to access port 8080 on the godaddy server
permit outside world to access port 8080 on your server
You could read any iptables guy, it's pretty easy to add/edit/delete firewall rules. Most of the cPanel/WHM servers come with CSF Firewall (which is based on iptables and perl scripts).
In order to allow an ip address to your firewall (if you have CSF Firewall installed) you have to issue the following command:
csf -a ip-address
I hope that helps!
I'm having trouble accessing my website through HTTP with an EC2 instance. I've tried changing the security setting by allowing HTTP on port 80, but it still doesn't work. SSH however is working fine. What could be the issue?
This is embarrassing, but the reason I couldn't connect to my EC2 instance was because my node js app never actually started a server for me to listen on port 80.
Adding this simple snippet of code
var server = app.listen(8080, function () {
var host = server.address().address
var port = server.address().port
console.log('Example app listening, host, port)
})
Along with this shell command for redirecting fixed the issue.
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to 8080
Could check ip-tables if it is blocking 80, check the security group if the TCP for PORT 80 is open to your IP address or ( 0.0.0.0/0 ).
Given that you are able to SSH but not http, check if you can replicate the same settings in the SG which has the config for SSH 22 - also kindly look if the web-server ( or process ) is up and running in PORT 80.
First, login that instance, and run the command to confirm http service is running.
telnet INSTANCE_public_DNS_name 80
Then run the same command for your remote machine to confirm if there are any firewall issues.
If there is problem to telnet, then click the instance name, and go to description --> Security groups --> view rules.
You should see the port opened. If not, create a new security group or edit exist security groups, and assign to that instance.
Hi all I have created an Ubuntu EC2 instance and have installed nodejs on it. Am running a simple node js script (which IS running and not throwing any errors:
var net = require('net');
var server = net.createServer(function (socket) {
socket.write("from server\r\n");
socket.pipe(socket);
});
server.listen(8000, "localhost");
console.log("TCP server listening on port 8000 at localhost.");
to test this, (am on windows) I am running a program called hercules to attempt a tcp connection, but it always comes back with tcp connection error: 10061
and the IP address can't be pinged either.
My ec2's IP address is 54.76.31.140. I have added an inbound tcp:8000 0.0.0.0 rule to my security group in the aws console and I have added hercules to my windows firewall and avg exceptions. I have also added an exception to my home dsl router and finally I have checked the ubuntu iptables there are no rules set.
Pls help, I can't seem to find whats wrong here.
If you tell the server to listen on "localhost," that's the only place it will listen -- "localhost" -- the loopback interface, 127.0.0.1, which is only accessible from... the local host.
Remove the 2nd argument to server.listen().
http://nodejs.org/api/net.html#net_server_listen_port_host_backlog_callback
If you want to be able to ping your instance, you have to allow ICMP in the security group.
Also, before you fix it, and after, run this, and note the difference in output:
$ netstat -a -n | grep 8000 | grep -i tcp
I have a node.js server listening on port 4000
how can I redirect my domain name: www.mydomain.com to a ip and port? The domain provider only allows an ip address without a portnumber in the redirection field. If I do a URL redirect, then the name of my side is not shown.
Please let me know how can I redirect it to my domain?
121.12.12.123:4000 redirect to www.mydomain.com
HTTP requests usually come in on port 80. When you type in a domain and do not specify a port, it automatically connects to port 80. You have a few options. You can run your Node.js server as root and have it listen on port 80, but it's not recommended.
You can also setup a Nginx on port 80 and use it to reverse proxy requests to your Node.js process which is listening on port 4000, but this introduces another component in your stack to manage and introduces a little bit of overhead for each request.
The way I prefer to handle this is to setup a redirect in iptables (assuming you're using Linux).
sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 4000
That will redirect all traffic from port 80 to port 4000, where you're listening Node.js process is.
That allows you to run your Node.js process as an unprivileged user, but still answer requests on port 80.
Once you've done that than you can simply point your domain to the IP address of the server and normal web requests should work. Just be sure you have port 80 open on any firewalls first.
try this code
var httpProxy = require('http-proxy');
httpProxy.createProxyServer({target:'http://localhost:4000'}).listen(80);
Update: Turns out the only problem was that I was behind a firewall that blocked some ports, but not 8000.
Edit: TL;DR: can't connect to port 9000 remotely, but port 8000 is ok and I don't know why :(
I've got this node.js application that's running on port 8000 and another one (http-proxy) running on port 9000.
Running them on my machine is fine, but I have some problems when I put them up on a server (EC2 instance - I did open the ports in the web console security group[1]). The application works fine, but I can't connect to the proxy from outside. I tried to $ telnet localhost 9000 on the server and it connects, so I guess that's a good sign.
Another thing that I have noticed is that if I try to run the applications separately, I get the same results, i.e.: 8000 - OK, 9000 - NOTOK :<.
However, if I change the port the proxy uses from 9000 to 8000, it works. And if I switch the ports, i.e. application:9000 and proxy:8000, I can connect to the proxy, but not to the application. I have also tried other numbers, but that wouldn't fix it either.
I guess there's something really stupid that has nothing to do with the application itself and that I'm missing, but I can't put my finger on it, so does anyone have any idea why this setup doesn't work?
server.js
var express = require('express.io');
var app = module.exports = express();
require('./proxy');
app.http().io();
app.listen(8000);
// ...
proxy.js
var httpProxy = require('http-proxy');
var url = require('url');
httpProxy.createServer(function(req, res, proxy) {
// ...
proxy.proxyRequest(req, res, {
host: destination.host,
port: 80
});
}).listen(9000);
$ netstat -pln | grep node output
tcp 0 0 0.0.0.0:9000 0.0.0.0:* LISTEN 1487/node
tcp 0 0 0.0.0.0:8000 0.0.0.0:* LISTEN 1487/node
Security group rules
It turned out that the problem was not at all related to the application or the EC2 instance setup.
The network I was in while testing this was blocking some ports. This is why when moving the proxy to port 8000 it was working fine, but on 9000 or any other random ones that I tried it wasn't. D'oh!