I've suddenly started getting this error even though my app runs fine locally.
I'm running a rails app on Azure App Service.
I've tried setting an application setting PORT to 80 and my WEBSITES_PORT to 8080 with no luck.
puma.rb includes this
port ENV.fetch("PORT") { 3000 }
I've tried changing this to 8080 with no luck after deploying to Azure.
After looking online I'm really stuck as to why this is happening suddenly
Azure web application only support 80 and 443 port, but you could use WEBSITES_PORT point to other port. The variable "PORT" appears to be obsolete and may conflict with WEBSITES_PORT.
So my suggestion is deleting "PORT". Use WEBSITE_PORT directly to specify the desired port, such as 8080. By the way, the port must be the container exposes.
Related
I want to run Grails on https on localhost. I have already configured HTTPS and can see the Apache page when localhost:443 is hit. Currently Grails runs on 8080. When I try running grails with grails -Dserver.port.https=443 run-app -https, I get Permission denied. I know this requires some kind of root access below port 1024. But when I try sudo grails run-app, this gives me command not found.
Any possible solutions?
Generally, it's a bad idea to run your web app as root. Practically speaking, your app becomes super exploitable. Any security flaw in your setup will suddenly give the attacker full root access to the server.
This is why it's more common to do one of the following:
Run a proxy such as apache or nginx or haproxy on port 443 with https, and grails on port 8080 without https. Set up the proxy to forward all requests to your grails app at 8080. Make sure the grails app only listens to localhost, so you can't go directly to yoursite.com:8080.
Run Grails at 8080, with https, only listening on localhost, and set up a netfilter/iptables rule to forward traffic on 443 to localhost 8080.
The two setups are essentialy the same. The main difference is whether to use a user level setup, or rely on an OS level service such as netfilters.
I have exposed port 80 in my application container's dockerfile.yml as well as mapping "80:80" in my docker-compose.yml but I only get a "Connection refused" after I do a "docker-compose up" and try to do a HTTP GET on port 80 on my docker-machine's IP address. My docker hub provided RethinkDB instance's admin panel gets mapped just fine through that same dockerfile.yml ("EXPOSE 8080") and docker-compose.yml (ports "8080:8080") and when I start the application on my local development machine port 80 gets exposed as expected.
What could be going wrong here? I would be very grateful for a quick insight from anyone with more docker experience!
So in my case, my service containers both bound to localhost (127.0.0.1) and therefore seemingly the exposed ports were never picked up via my docker-compose port mapping. I configured my services to bind to 0.0.0.0 respectively and now they works flawlessly. Thank you #creack for pointing me in the right direction.
In my case I was using
docker-compose run app
Apparently
docker-compose run command does not create any of the ports specified in the service configuration.
See https://docs.docker.com/compose/reference/run/
I started using
docker-compose create app
docker-compose start app
and problem solved.
In my case I found that the service I am trying to set up had all their networks as internal: true. It is strange that it didn't give me an issue when doing a docker stack deploy
I have opened up https://github.com/docker/compose/issues/6534 to ask for a proper error message so it will be obvious for other people.
If you are using the same Dockerfile, make sure you also expose the port 80 EXPOSE 80 otherwise, your compose mapping 80:80 will not work.
Also make sure that your http server listens on 0.0.0.0:80 and not localhost or a different port.
I am trying to run a ror application at a friend's home and the application is not reachable from the outside. Here is what we have tried.
The application has been created with
$ rails new <application name>
and started with
$ rails server
The development server starts and is reachable on http://localhost:3000
Next thing we have activated port forwarding on the router he uses to connect to the internet: we have mapped the external port 3000 to port 3000 on the internal host on which the rails server is running. When I try to open the page from the outside (with firefox) I get an error page: unable to conenct to host, the host may be down, try to connect later.
Things we have tried:
Changed port forwarding 80 -> 80
Installed and started Apache: the default Apache page is reachable.
Stopped Apache and started the rails server on port 80 (with sudo, otherwise it can't use port 80): the rails server is not reachable.
I have also checked the firewall of the machine running the rails server. The OS is ubuntu 12.04: the firewall (at least ufw) is not active. I can also connect to that machine using port 22 / ssh.
Summarizing:
rails server is accessible on port 3000 on local host
port forwarding works for ports 22 and 80 and both ssh server and apache server are reachable
rails server is NOT reachable on both port 80 and 3000 from the outside
The only thing I can think of is that rails might have a mechanism similar to Django's ALLOWED_HOSTS and that it refuses external requests because they are for a different host than localhost. However, I haven't found anything on this topic. Also, the application's log files do not show any connection attempt that was refused by the rails server.
So we are out of ideas. What should we check next?
Prior to Rails 4.2, the default for rails server was to bind to all interfaces. In Rails 4.2 this changed to only bind to 127.0.0.1 by default - there's nothing in the application logs because the socket is simply not listening to connection on other network interfaces.
To allow connections from another machine you need to use the -b option to bind to extra ip addresses, eg
rails s -b 0.0.0.0
to bind to all available ip addresses. You can of course replace 0.0.0.0 with one of your machine's actual ip addresses although you would of course have to change that invocation whenever your machine's ip address changed.
I'm running Rails con a VM with a bridged interface, it has it's own IP in the local network.
When I start rails in 0.0.0.0:3000 I can access it using the local network IP in the port 3000 without any problem.
The router NAT configuration is to route the port 3000 to the VM.
When I check the port 3000 on http://canyouseeme.org with the Rails server stopped it says the port is closed. With the rails server started it says the port is open. This means, the router is indeed routing to the VM, right?
But when I try to enter the server through my public IP in the port 3000, it won't answer.
I tried changing the server from Thin to Webrick, with the same result.
Also, I tried to run another web server in the port 3000 with he same results. No answer to public requests outside the local network. Yet the port is checked as opened.
Also, UFW is stopped, and anyway I allowed the port 3000.
Any ideas?
Some routers don't support loopback, meaning you can't access the public IP from within the LAN. FWIW, I tried this"
telnet canyouseeme.org 3000
Trying 8.23.224.110...
With no luck.
I am attempting to run BeepBeep through Mochiweb on Port 80. It works if I type sudo ./start_server.sh. Are there any security risks with running Mochiweb like this? If so how to remedy?
Thanks!
running any service as root has risk. It's hard to answer your question properly without more information though. Is this a production service or a dev instance you are running?
If production I would recommend running the mochiweb instance on a different port so it can run as a user and then using a proxy like nginx or apache to listen on 80 and forward the request.
You could start it on an unprivileged port and do port-forwarding in your firewall, so that port 80 goes to your unprivileged port.