使用端口80(Ubuntu / Linode)运行Node.js时的最佳实践 [英] Best practices when running Node.js with port 80 (Ubuntu / Linode)
问题描述
我在云Linux节点
上设置我的第一个 Node.js
服务器, Linux admin
的详细信息。 (BTW我不是想同时使用Apache)
一切安装正确,但我发现除非我使用 root login
,我不能在端口80
上监听节点。然而我宁愿不以root身份运行它为安全的原因。
最佳做法是:
- 设置好的权限/用户
- 允许在这些约束中使用端口80。
- 启动节点并自动运行。 / li>
- 处理发送到控制台的日志信息。
- 任何其他常见的维护和安全问题。
$ b
感谢
端口80
我在云实例上做的是使用以下命令将端口80重定向到端口3000: / p>
sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3000
然后我在端口3000上启动Node.js。对端口80的请求将映射到端口3000 。
您还应编辑 /etc/rc.local
文件,并将该行减去 sudo
。这将在机器启动时添加重定向。在 /etc/rc.local
中不需要 sudo
,因为命令以<$ c $
日志
使用 forever 模块来启动您的Node.js。
启动时启动
$ b b
将Node.js启动脚本添加到您为端口重定向编辑的文件 /etc/rc.local
。这将在系统启动时运行您的Node.js启动脚本。
Digital Ocean&其他VPS
这不仅适用于Linode,还适用于Digital Ocean,AWS EC2和其他VPS提供商。但是,在基于RedHat的系统上, /etc/rc.local
是 /ect/rc.d/local
p>
I am setting up my first Node.js
server on a cloud Linux node
and I am fairly new to the details of Linux admin
. (BTW I am not trying to use Apache at the same time.)
Everything is installed correctly, but I found that unless I use the root login
, I am not able to listen on port 80
with node. However I would rather not run it as root for security reason.
What is the best practice to:
- Set good permissions / user for node so that it is secure / sandboxed?
- Allow port 80 to be used within these constraints.
- Start up node and run it automatically.
- Handle log information sent to console.
- Any other general maintenance and security concerns.
Should I be forwarding port 80 traffic to a different listening port?
Thanks
Port 80
What I do on my cloud instances is I redirect port 80 to port 3000 with this command:
sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3000
Then I launch my Node.js on port 3000. Requests to port 80 will get mapped to port 3000.
You should also edit your /etc/rc.local
file and add that line minus the sudo
. That will add the redirect when the machine boots up. You don't need sudo
in /etc/rc.local
because the commands there are run as root
when the system boots.
Logs
Use the forever module to launch your Node.js with. It will make sure that it restarts if it ever crashes and it will redirect console logs to a file.
Launch on Boot
Add your Node.js start script to the file you edited for port redirection, /etc/rc.local
. That will run your Node.js launch script when the system starts.
Digital Ocean & other VPS
This not only applies to Linode, but Digital Ocean, AWS EC2 and other VPS providers as well. However, on RedHat based systems /etc/rc.local
is /ect/rc.d/local
.
这篇关于使用端口80(Ubuntu / Linode)运行Node.js时的最佳实践的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!