node.js 与 nginx，如何删除直接 ip:port 访问 [英] node.js with nginx, how to remove direct ip:port access

问题描述

我继承了一个 node.js 项目，我对平台/语言非常陌生.

我继承的应用程序正在开发中，因此正在进行中.在当前状态下，它运行在端口 7576 上，因此您可以通过以下方式访问它:server_ip:7576

我的任务是将这个原型"放在实时服务器上，以便我的老板可以向投资者等展示它.但我必须用密码保护它.

所以我所做的是让它在实时服务器上运行.然后我让它使用了这样的 nginx 虚拟主机:

服务器{听80；auth_basic "受限";auth_basic_user_file/usr/ssl/htpasswd;access_log/etc/nginx/logs/access/wip.mydomain.com.access.log;error_log/etc/nginx/logs/error/wip.mydomain.com.error.log;server_name wip.mydomain.com;地点/{proxy_pass http://127.0.0.1:7576;根/var/app;30d 到期；#uncomment 这是你想命名一个索引文件:#index index.php index.html;access_log off;}位置 ~* ^.+\.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|pdf|txt|tar|wav|bmp|rtf|js|flv|swf|html|htm)$ {根/var/app/public；}}

`

大功告成，我现在可以通过访问 wip.mydomain.com 来访问我的应用

我可以很容易地通过 nginx 密码保护它.

我的问题是仍然可以通过 ip:port 访问该应用程序，但我不知道如何防止这种情况发生.

感谢任何帮助.

谢谢

解决方案

在你的 node javascript 代码中，你需要显式绑定到环回 IP:

server.listen(7576, '127.0.0.1');

(您正在寻找对 .listen() 的调用来修复.该变量可能被称为 app 或其他名称).

任何以 127. 开头的 IP 地址都是环回地址，只能在单台机器内访问(实际上并不使用网络).

I inherited a node.js project and I am very new to the platform/language.

The application I inherited is in development so it is a work in progress. In its current state it runs off port 7576 so you access it this way: server_ip:7576

I've been tasked with putting this "prototype" on a live server so my boss can show it to investors etc. But I have to password protect it.

So what I did is I got it running on the live server. And then I made it use a nginx vhost like this:

server {
        listen 80;

    auth_basic            "Restricted";
    auth_basic_user_file  /usr/ssl/htpasswd;

        access_log   /etc/nginx/logs/access/wip.mydomain.com.access.log;
        error_log  /etc/nginx/logs/error/wip.mydomain.com.error.log;
        server_name  wip.mydomain.com;

        location / { 
            proxy_pass http://127.0.0.1:7576;
            root         /var/app;
            expires 30d; 
            #uncomment this is you want to name an index file: 
            #index index.php index.html;
            access_log off; 
        }

        location ~* ^.+\.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|pdf|txt|tar|wav|bmp|rtf|js|flv|swf|html|htm)$ {
            root         /var/app/public;
        }
}

`

This got the job done, I can now access my app by going to wip.mydomain.com

And I can easily password protect it via nginx.

My problem is the app is still accessible via the ip:port and I don't know how to prevent that.

Any help is appreciated.

Thanks

解决方案

In your node javascript code, you need to explicitly bind to the loopback IP:

server.listen(7576, '127.0.0.1');

(You are looking for a call to .listen(<port>) to fix. The variable may be called app or something else though).

Any IP address starting with 127. is a loopback address that can only be accessed within a single machine (doesn't actually use the network).

这篇关于node.js 与 nginx，如何删除直接 ip:port 访问的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！