node.js 与 nginx,如何删除直接 ip:port 访问 [英] node.js with nginx, how to remove direct ip:port access
问题描述
我继承了一个 node.js 项目,我对平台/语言非常陌生.
我继承的应用程序正在开发中,因此正在进行中.在当前状态下,它运行在端口 7576 上,因此您可以通过以下方式访问它:server_ip:7576
我的任务是将这个原型"放在实时服务器上,以便我的老板可以向投资者等展示它.但我必须用密码保护它.
所以我所做的是让它在实时服务器上运行.然后我让它使用了这样的 nginx 虚拟主机:
服务器{听80;auth_basic "受限";auth_basic_user_file/usr/ssl/htpasswd;access_log/etc/nginx/logs/access/wip.mydomain.com.access.log;error_log/etc/nginx/logs/error/wip.mydomain.com.error.log;server_name wip.mydomain.com;地点/{proxy_pass http://127.0.0.1:7576;根/var/app;30d 到期;#uncomment 这是你想命名一个索引文件:#index index.php index.html;access_log off;}位置 ~* ^.+\.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|pdf|txt|tar|wav|bmp|rtf|js|flv|swf|html|htm)$ {根/var/app/public;}}
`
大功告成,我现在可以通过访问 wip.mydomain.com 来访问我的应用
我可以很容易地通过 nginx 密码保护它.
我的问题是仍然可以通过 ip:port 访问该应用程序,但我不知道如何防止这种情况发生.
感谢任何帮助.
谢谢
在你的 node javascript 代码中,你需要显式绑定到环回 IP:
server.listen(7576, '127.0.0.1');
(您正在寻找对 .listen(
的调用来修复.该变量可能被称为 app
或其他名称).>
任何以 127.
开头的 IP 地址都是环回地址,只能在单台机器内访问(实际上并不使用网络).
I inherited a node.js project and I am very new to the platform/language.
The application I inherited is in development so it is a work in progress. In its current state it runs off port 7576 so you access it this way: server_ip:7576
I've been tasked with putting this "prototype" on a live server so my boss can show it to investors etc. But I have to password protect it.
So what I did is I got it running on the live server. And then I made it use a nginx vhost like this:
server {
listen 80;
auth_basic "Restricted";
auth_basic_user_file /usr/ssl/htpasswd;
access_log /etc/nginx/logs/access/wip.mydomain.com.access.log;
error_log /etc/nginx/logs/error/wip.mydomain.com.error.log;
server_name wip.mydomain.com;
location / {
proxy_pass http://127.0.0.1:7576;
root /var/app;
expires 30d;
#uncomment this is you want to name an index file:
#index index.php index.html;
access_log off;
}
location ~* ^.+\.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|pdf|txt|tar|wav|bmp|rtf|js|flv|swf|html|htm)$ {
root /var/app/public;
}
}
`
This got the job done, I can now access my app by going to wip.mydomain.com
And I can easily password protect it via nginx.
My problem is the app is still accessible via the ip:port and I don't know how to prevent that.
Any help is appreciated.
Thanks
In your node javascript code, you need to explicitly bind to the loopback IP:
server.listen(7576, '127.0.0.1');
(You are looking for a call to .listen(<port>)
to fix. The variable may be called app
or something else though).
Any IP address starting with 127.
is a loopback address that can only be accessed within a single machine (doesn't actually use the network).
这篇关于node.js 与 nginx,如何删除直接 ip:port 访问的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!