Home > database >  How to make an HTTP request from a remote web client hosted by an npm server to a private port of a
How to make an HTTP request from a remote web client hosted by an npm server to a private port of a

Time:12-17

There is a front-end npm server hosted on a public port 80 in my production environment. I can launch a remote web browser client of this front-end server using its public hostname, e.g., http://hostname:80, and successfully load the webpage.

The Javascript in this app makes HTTP GET/POST requests to a back-end server to fetch some data on the URL: http://hostname:5000. This back-end server is running on the same production environment but on a private port, e.g., 5000, i.e., this port will not be visible outside the firewall.

As I understand it, this HTTP request is essentially made from the remote web browser client sitting outside the firewall. Due to the Firewall (UFW) policy, any request made from this client on private port 5000 gets blocked.

I do not want to allow the private port 5000 in the UFW, and I do not want to run the back-end server on a public port of the production server.

What are the solutions for this?

I have heard about the Nginx proxy server which redirects client connections on a public port (80) to a Node application running on a different port (3000).

Reference: https://blog.logrocket.com/how-to-run-a-node-js-server-with-nginx/

However, I am not certain if the Nginx server would be able to handle the client requests beyond the UFW rules.

CodePudding user response:

The majority of request information is sent to the backend from the proxy.

A request sent through the nginx proxy will act like a request directly to the backend.

Some fields may not be passed, for example: From nginx.org: By default, nginx does not pass the header fields “Date”, “Server”, “X-Pad”, and “X-Accel-...” from the response of a proxied server to a client. The proxy_hide_header directive sets additional fields that will not be passed

CodePudding user response:

I am not test those config

Edit Config

sudo nano /etc/nginx/sites-enabled/default.conf

Config file

server_name your-prod-server-name;
...
location /api-backend {
proxy_pass http://your-backend-server-name:5000;
...
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;

Javascript fetch some data on the URL: http://your-prod-server-name/api-backend, not http://your-backend-server-name:5000

  • Related