Why is running node.js on port 80 might not be safe?
The first option isn't the easiest and require more dependencies then I need
Please review why should one use a http server in front of a framework web server for the many valid reasons you should in fact do it this way.
setting up a port redirection with an iptables rule
This is probably better than directly having your node process listen on port 80, although I haven't seen this type of configuration used in production.
making express listen on port 80 within the app
This is functionally a poor choice because you don't get the benefits outlined in the linked answer above, however, from a strictly security standpoint, the key thing to remember is you must not run your node process as root, which would be a horrendous security problem. You must be root to bind to port 80 because that's a rule of unix, but you can and must change to a less-privileged user immediately after binding to that port.
Node.js app can't run on port 80 even though there's no other process blocking the port
The error code EACCES
means you don't have proper permissions to run applications on that port. On Linux systems, any port below 1024 requires root access.
I can't listen express server on port 80
I believe you are using windows as OS. In it the port 80 could be used as default port for some service. Please check the following -
- Skype uses port 80 by default, you can change this in skype options > advanced > connection - and uncheck "use port 80"
- Port 80 is the standard HTTP port, so to check which services are using you could run
net stop http
. It will list the services using port 80 and will ask to whether end them or not. - Port 80 could be occupied by IIS server. Please stop IIS and then re-run the node service.
- Some SQL Server Reporting services also use port 80
node server running on port 80 but cant call it by domain
You have SSL specified as true but also port 80. By default, browsers expect https
to be on port 443 and for port 80 to be unencrypted.
If you just specify the hostname and not the scheme, the browser assumes you want an unencrypted connection on port 80. But your port 80 is encrypted. So it fails.
If you specify https
as the scheme but don't specify a port number, the browser assumes you want to connect on port 443. But you are running on port 80 instead. So the connection fails.
So your URLs only work in browsers if you specify both the port number and https
as the scheme.
If you don't want to have to specify the port number, the best thing to do is probably to use port 443. If you still want to answer on port 80, set something up there to redirect the https
scheme.
How do I run Node.js on port 80?
What you need to do is have 2 ip's for the server you are running. Apache has 1 ip bound to port 80 and then node.js has the other ip bound to port 80.
Using node and its listen directive has 2 values eg. .listen(80, NODEJS_IP or DNS NAME);
Some other advice.
I would not use apache with nodejs as it's not evented. So this really isn't recommended. I would actually look into using NGINX as its a much better pairing with Node.
Node.js + Express: app won't start listening on port 80
Are you starting your app as root? Because lower port numbers require root privileges.
Maybe a sudo node app.js works?
BUT, you should NOT run any node.js app on port 80 with root privileges!!! NEVER!
My suggestions is to run nginx in front as a reverse proxy to your node.js app running on port e.g. 3000
Best practices when running Node.js with port 80 (Ubuntu / Linode)
Port 80
What I do on my cloud instances is I redirect port 80 to port 3000 with this command:
sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3000
Then I launch my Node.js on port 3000. Requests to port 80 will get mapped to port 3000.
You should also edit your /etc/rc.local
file and add that line minus the sudo
. That will add the redirect when the machine boots up. You don't need sudo
in /etc/rc.local
because the commands there are run as root
when the system boots.
Logs
Use the forever module to launch your Node.js with. It will make sure that it restarts if it ever crashes and it will redirect console logs to a file.
Launch on Boot
Add your Node.js start script to the file you edited for port redirection, /etc/rc.local
. That will run your Node.js launch script when the system starts.
Digital Ocean & other VPS
This not only applies to Linode, but Digital Ocean, AWS EC2 and other VPS providers as well. However, on RedHat based systems /etc/rc.local
is /ect/rc.d/local
.
Node.JS not serving port 80 on IIS
For those facing this issue, I fixed it up as Tadman recommended on the above comments: configuring IIS for forwarding (by installing the Application Request Routing and the URL rewrite extensions to IIS).
Node.js also worked when creating a new rule at Windows firewall for enabling port 80. The default rule at the firewall for port 80 will work only with IIS, not with Node.js.
As for the extensions mentioned above, here is a good instructive about how to install and setup:
https://dev.to/petereysermans/hosting-a-node-js-application-on-windows-with-iis-as-reverse-proxy-397b
Node.js EACCES error when listening on most ports
Running on your workstation
As a general rule, processes running without root privileges cannot bind to ports below 1024.
So try a higher port, or run with elevated privileges via sudo
. You can downgrade privileges after you have bound to the low port using process.setgid
and process.setuid
.
Running on heroku
When running your apps on heroku you have to use the port as specified in the PORT environment variable.
See http://devcenter.heroku.com/articles/node-js
const server = require('http').createServer();
const port = process.env.PORT || 3000;
server.listen(port, () => console.log(`Listening on ${port}`));
Related Topics
Arm Linux ":Start_Kernel Is Not Calling After Decompressing UImage"
How to Change Vim's Default Mode
Truncate Table via Command Line in Linux
How to Convert Multiline File into a String in Bash with Newline Character
Error While Trying to Run Make Command
Dreamweaver Equivalent for Linux
Bypass Dev/Urandom|Random for Testing
Splitting a File Using Awk on MAC Os X
Container Running in Privileged Mode
Shell Must Parse Ls -Al Output and Get Last Field (File or Directory Name) Any Solution
Do I Get a Notification from Epoll When a Fd Is Closed
Cannot Find Module 'Firebase-Admin' When Trying to Deploy Firebase Functions
Gcc: Linked Libraries in /Usr/Local/Lib Are Not Found, But /Etc/Ld/So.Conf.D/Libc.Conf Lists It
Most Efficient Way to Concatenate Thousands of Files in Perl
Bash: Transform Key-Value Lines to CSV Format