How does IIS Express understand the config element binding?
<binding protocol="http" bindingInformation="*:1789:localhost" />
There are three parts, separated by colons. How are they each understood?
Listen directives in Apache config files have only two parts https://httpd.apache.org/docs/2.4/bind.html
For example Listen 192.0.2.1:80 means listen on the address-port combination of 192.0.2.1 and 80.
If you write Listen 80 that means listen on all addresses port 80.
*:1789 means IIS Express will monitor incoming requests at 0.0.0.0:1789 and [::]:1789 for both IP v4 and v6 requests. The host name localhost is an extra requirement, so that all requests whose host header do not match it will also be dropped.
Related
I have a basic web application running on a port in an EC2 instance. I have also created an A record in Route53 which points a domain name that I own towards the ip address of the EC2 instance.
When I directly access ip-address:port, it works fine, but because the a record does not point towards that specific port, the website cannot be accessed through the domain name.
How do I specify a port that all requests to that ip address should be routed to?
port is referenced by protocol you are using.
if you use http you will connect to port 80. https uses 443, ftp 21, smtp 25 and there are many others (they are called default ports for service but they may use every other defined).
You are probably running application, listening on some different port (but using protocol http) and that's why you can reach it by entering http://ip-address:port
what you can do to reach it by entering only http://ip-address is to set it to listen on port 80 (you will need root privileges to do this) or set redirect from port 80 to your applications port (you can use pure port redirection using iptables or (better) reverse proxy software. It can be apache as mentioned in comment above, or nginx or haproxy or something else (you haven't specified operating system anyway - those are mainly for linux).
Hope that helps
My ASP.NET Web API is bound to localhost:
startOptions.Urls.Add("http://localhost:8080");
If I now call netstat -a I would have expected to see something like 127.0.0.1:8080 but it looks like my binding works on all IP addresses on the local machine:
Active Connections
Proto Local Address Foreign Address State
TCP 0.0.0.0:8080 MyComputer:0 LISTENING
TCP [::]:8888 MyComputer:0 LISTENING
Do I have to worry about external (e.g. non-localhost) connections?
"Yes", since this port may be routable by others you may need to worry about external connections, but it depends on your specific environment. Use the https://en.wikipedia.org/wiki/Localhost loop back address, 127.0.0.1 and then you won't have to have external access concerns:
startOptions.Urls.Add("http://127.0.0.1:8080");
Your question has to do with the default route, https://en.wikipedia.org/wiki/Default_route.
FYI: You may want to have a configuration that switches this when you deploy so it can have access when you want it to...
Additionally, https://ifconfig.co/port/8080 may be able to help you determine if your port is exposed...
0.0.0.0:8080 is also a DroidScript address used for "no touch" mobile phone "hacking" it is not solely limited to DroidScript as many users of JS use it across a wide variety of web tools
Hello today configured vps on Google Cloud and put Vesta control panel, but the problem is not open one https that is, and the ip server and the domain itself does not open on https. Set up Google Cloud firewall and opened ports 80,443 but https does not open the site itself is not the ip of the server. Checked through online services port 443 is closed but settings of the server and a firewall of Google and ip tables say that port 443 is opened (checked by several services port 443) and in the browser through ip of the server and the domain on https do not open. Please tell me how to open port 443?
Same with ports 8443,8080.
I am not able to comment but here are some steps that might help to isolate the issue:
Check to see if the port is open or closed or filtered using nmap
nmap [ip_address]
Firewall rules are defined at the network level and therefore make sure that you follow this document while creating the firewall rules to allow incoming traffic on TCP port 80 and 443 (same for other ports). In this document in step 11, choose " specified protocols and ports" and enter tcp: 80, tcp: 443.
As you previously stated, you need to make sure there is no firewall running inside the VM blocking those connections.
You also need to verify if the application running on your vps is listening on port 443. To check this, try with this command.
sudo netstat -ntlp | grep LISTEN
In the output, if you don't see the application beside port number, check if your vps is rightly configured to ports for your application.
I was having the same issue with NGinx. And Found the root cause finally to be the Firewall (GCP VM Firewall) having a lower priority for the rule. ie: I had 65534 (which is super low priority) for the "Ingress 443" rule. Which did block the traffic coming into the SSL. Instead when I set this rule to 1, traffic started flowing and issue sorted.
What finally helped me was https://cloud.google.com/vpc/docs/using-firewalls
Thanks #Md Zubayer for the tip.
443 port is typically used for HTTPS/SSL. But is it the only option we can choose for HTTPS/SSL communication. If not, why?
The port number is not "magic", you can use any port from 1-65535 you like. There are only 2 conditions:
Both the server and the client have to (agree to) use the same port number.
Ports in the range 1-1023 are "well known ports" which are assigned worldwide to specific applications or protocols. If you use one of these port numbers, you may run into conflicts with the "well known" applications. Ports from 1024 on are freely useable.
As an example, you could use port 30443 for SSL VPN if your VPN gateway supports port reassignment and the SSL VPN client (if any) does this as well. If you access SSL VPN via web portal, you can add the custom port number in the URL like this: "https://mysslvpnserver.com:30443".
Beware that public internet feeds (hotels, hotspots) often block high ports > 1024.
We can use any available port for HTTPS, however, for the sake of convention, 443 and 8443 are assigned for HTTPS (browsers automatically prefix with https when these port numbers are used), but we can even run HTTPS on port 80. In this case it is our responsibility to use https (if we don't indicate it, the browser will consider it a http link).
The title says almost everything. I want to use apache under windows and then redirect one or more domains to my computer using a service like No-IP. Is it possible?
Yes you just need to set port forwarding to your local machine (PORT 80 for HTTP, 443 for SSL, 21 for FTP ( if you want to run a ftp server aswell)) on your router, and set a dynamic dns there that points to NO-IP. Most likely you can add one DynDNS entry.
Yes.
You don't even need a Dynamic DNS service (like no-ip) if you have a static IP address. In that case, just register a domain name and create two DNS records -
NAME TYPE VALUE
example.com. A public.ip.address.here
www.example.com. CNAME example.com.
Most ISPs now assign static IPs (even if they claim otherwise), and if not, you can get one for a small fee ($5/month extra). Or upgrade your account to business class.
This way you don't have to introduce another layer (Dynamic DNS) into your set up.
Then install a WAMP such as - xampp (really popular here) - UniformServer -
Wamp-Developer Pro (the one I use) -
WampServer (another good one)
You'll also need to port-forward your router (ports 80 and 443) to the LAN IP, and create two rules in the Windows Firewall to unblock incoming port 80 and 443 requests.
The only thing that can go wrong is if your ISP blocks incoming port 80 (http) and 443 (https) requests. You can call and get them to unblock that, or again, update the account to business class to remove all the headaches.