I have hosted magento2 website with Nginx, SSL termination, and varnish cache. Varnish cache is running on port 8080 and the Magento2 website is hosted on Nginx port 8081. Http and Https traffic is accepted by the same Nginx and forwarded to the varnish cache(SSL terminated). NGINX Varnish Magento2 all are running in the same server I have two questions,

1. If I tried to access the magento2 website which is running on port 8081, directly from the internet, it bypasses the SSL termination and directly connects to the website. How can I restrict that?
2. When configuring magento2 baseurl, If I want to host it on a different port rather than the default 80 port, Do I need to give the port number at the baseurl configuring step? eg:- php bin/magento setup:install --base-url=http://www.example.com:8081

CodePudding user response：

1. Assuming you want to block the port from the public internet, you have multiple options. Assuming you have SSH access, you can block the port with iptables:

/sbin/iptables -A INPUT -p tcp --destination-port 8081 -j DROP
/sbin/service iptables save

2. Assuming you're using a non-standard HTTP port (not 80 or 443), yes, you would need to specify that in the configuration.

CodePudding user response：

nginx shouldn't be listening on 8081 to the outside world to begin with. You probably need something like

server_name  localhost;

in your nginx configuration