Heroku app calling external web service on a VPN [closed] - security

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 4 years ago.
Improve this question
So, we have a Heroku app.
We have a web service running on an intranet.
That intranet needs a VPN connection for outsiders to
connect.
We want our Heroku app to call the web service on the intranet, via
VPN.
How would you tackle this?
Some thoughts....
Heroku doesn't seem to have a VPN client we can activate on our app :(
I'm aware some routers can handle the VPN gubbins for us. Is there an online service that let's us setup a VPN proxy to our intranet site?
Thanks in advance
T

It's not going to be possible I'm afraid, certainly at least not via VPN. Heroku uses Amazon EC2 so you can't even narrow it down to an IP range to permit access. Heroku is a closed system so you can't install additional components so unless it's something accessible via http/https then it's a no go.

I think you could use a static ip address add on to ensure your app connected via that ip address.
https://devcenter.heroku.com/articles/quotaguardstatic
But I don't know how that gets you to a VPN.

If your company have Heroku Enterprise, looks like it could be done within Private Space:
[https://blog.heroku.com/heroku_private_spaces_are_now_generally_available_within_heroku_enterprise]
[https://devcenter.heroku.com/articles/private-spaces]
Otherwise the easiest way I could think of is to spin up an proxy server in your DMZ that is restricted access from your Heroku app... with setting static IP suggestion above from mooreds.

Related

How to allow people from external network to access my Node.js app via IP address? [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed 3 years ago.
Improve this question
I tried Google for the last 3 days and also found most of the StackExchange answers for LAN. I found no solution to enable people to access my app from an external network.
I have already enabled access for Node.js to connect anywhere in the internet in my firewall, which should not be a concern, but I am not sure.
You can use tunneling library, such as https://ngrok.com/
This will give you a URL where anybody can access your APIs online.
Go to your router and set a port-forward-rule
Set the ip to your local ip of your computer
Set the port to the port your app is running on
Give your mates your public (external) ip address
Thats it. Your router will forward all traffic from the outsite to the set port on your local computer. No special software needed.
You can google for how to setup port-forwarding for every brand online. In most cases its self explanatory.
If your nodejs app ( http server or other ) behind the NAT like a home DSL link and there's no valid ip address assigned to your machine, You need to do Destination NAT/PAT which known as virtual server in most DSL modems. Also you can use online DNAT tools like no-ip or others too.

How to run my Vue + Node application on static IP [closed]

Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 3 years ago.
Improve this question
I have created an application which I am running on my device with the local IP address. Now what I am trying to do is I want to access it through static IP so that if I am not connected to the same network I can access it through static IP. In turn, I can get this from Google when I type "my static IP" on Google.
Currently my app is running on localhost:8080 or '192.168..:8080' so whoever is connected to same server over same network is able to see that but I want to do it with static IP.
Now you should have to live this app on Heroku or an EC2 instance, then they will provide a public IP address.
So static IP just means an IP address that doesn't change. This can be local (the 192.168.x.x) or public (where you can access it from anywhere). There are some hosting options, and I'd recommend Heroku.
If this is your first time, you'll need to know some things like setting scripts for "postinstall" or setting up your Procfile, so take a look at this guide for deploying.
There are numerous other options as well for deployment with lots of information and tutorials you can Google pretty easily.

Static IP without router access? [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 6 years ago.
Improve this question
I am currently living at the student homes to my university. I want to set up a NAS / server to run backups, VM and some other small task. This is also something I want to set up to learn more about Linux and networking. I am currently planning how to set it up and what hardware to buy, but I want to run arch Linux on it with RAID 1. A problem I'm thinking about is that I don't have access to the router and therefore I can't set up port forwarding to connect to the server. Is there a way to get remote access to it without adjusting the settings in the router?
At my University we have the ability to connect to a vpn so we can access services only available through a specific University IP.
I haven't tested this method but I believe it could work.
Set up your services like normal and configure them to use port 80 if they need any data from the outside.
Make a script, probably available somewhere, to send you your internally ip address on e.g. mail.
That way you can use your schools VPN service to connect to the lan and from there you can access an internal ip address(your server).
This all depends on this VPN service and if you are connected to the same network.
#iporSircor commented on a method you can use. It's basically the same as what I wrote, but instead of connecting to schools VPN you will connect to your own VPN(server).
Test it out and let us know what method you used, what worked, what didn't.
And also you should talk to your school to find out if using Tor or even setting up a server on their network is allowed.

Struggling with Amazon Route 53 DNS Management [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 7 years ago.
Improve this question
I purchased a domain through Amazon Route 53 and am hosting my Node.js/ExpressJS app on an Amazon Linux EC2 Instance server. I can get my site to run on my EC2 server by using the public IP:portNumber or by using the publicDNS:portNumber, but I am struggling to understand how to set up the record sets in the hosted zone section of the Route 53 console to have my website point to www.thedomainipurchased.com:portNumber. I also read somewhere that you can't add the port number onto the public ip like that, so I would like to know how to set up both records to do this. I'm new to DNS, which is why I've had such a hard time although I'm sure to some people this seems very simple so would really appreciate any feedback to be explained in as basic and simple of a way as possible. Record Set Picture here
DNS only provides a way to map names to the IP addresses of hosts. Except under very limited circumstances you can't include a port number. DNS simply isn't designed to do that.
Ports are determined by the protocol involved. If you use a web browser to connect via HTTP then it will default to using port 80. If you use a web browser to connect via HTTPS then it will default to using port 443. When you send e-mail the default port is 25. When you SSH into a server the default port is 22. And so on. Default ports are essentially part of the specification for the global internet.

web hosting and websocket technologies [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 7 years ago.
Improve this question
I want to write a web application that needs a websocket server.
I want to host this websocket server on some famous web hosting provider (such as 1&1 by example).
Which web hosting provider should I use?
If you want to use a websocket server which you can start and stop at will I would much rather recommend a cloud solution. It's cheap and lets you interact with the server directly, which is most likely impossible with more traditional hosting providers. I've only used Amazon Web Services and Google App Engine myself, they both have a free tier which you can use to build and test your websocket application. There are many more providers, also have a look at PaaS services like Nodejitsu. It all depends on what specific technologies you want to use I guess.
(note: AWS lets you SSH into your instance and you can use any platform/technology you want while GAE is web based and limited to Go, Java and Python. It doesn't mean AWS is better, again it depends on your case.)
You can use WebSockets for your .NET apps with GearHost at www.gearhost.com. It's free and gives you 100 free CloudSites and 100 free databases.

Resources