Geek Answers Handbook

What ports should I listen on node.js? How and why?

My node.js applications I listen to port 80 for http and 443 for https, which I thought was pretty standard practice.

However, a number of examples that I recently read use other ports (e.g. 8080 and 8081) to listen for http / https, and then use other means, such as iptables or ufw to serve 80/443 ports through packet forwarding to / from other .

Below are examples here and here .

So my question is , why don't I want to listen directly to ports 80 and 443?

Are there any security issues? Is this just a case where these authors are not allowed to listen on ports below 1024 (would I find this amazing?)? Most people run Apache on the node side? (I do not do this).

Assuming there is a good reason why I don’t want to listen directly to 80 and / or 443 , what method should I use to relay traffic from 80/433 to other alternative ports of choice?

Did I mention iptables and ufw above, is one of them better than the others, or is there some other method that I should use? The answer depends on whether I balance the load between processes?

Thanks in advance.

+8
port
source share
1 answer

The first line of the first article you mentioned mentions the reason.

 Standard practices say no non-root process gets to talk to the Internet on a port less than 1024.

For node, to bind to port 80 or 443 you need to run it as root, which is not very good.

The method used to redirect traffic to higher ports is up to you. iptables is the least resource-intensive and simplest. Another method would be to use NginX / Apache for a proxy before Node. I would say that the main advantage of this method is that you can also use things like static files and should not serve them through Node.

Apache and NginX are both explicitly designed to serve static files, so they are very good at it, while node is a whole JS environment with all the overhead. node does a great job with many concurrent connections and, of course, can serve files perfectly for normal loads, but it will use more resources for this than NginX.

Using a proxy server that supports HTTP, such as Apache / NginX, also means that you can easily configure multiple node instances to run different subdomains or even different paths in the same domain.

+14
source share

More articles:


All Articles