It is necessary to configure collaboration with nginx, i. nginx acts as a proxy port 8001 and gives the node.js application. How in nginx to deny access to the application from port 8001 and leave only access by server_name ?

nginx

 server { listen 80; server_name nodejs.local; location / { proxy_pass http://localhost:8001; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; } }
  • proxy_set_header Host $host:$server_port; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - Sergey

1 answer 1

nginx is not responsible for this.

You can lock the firewall, and you can only listen to the local loop on the NodeJS side.

Do you have a line like app.listen(8081) ? In fact, it is synonymous with app.listen(8081, '0.0.0.0') , it listens to all network interfaces .

Or you can do this: app.listen(8081, 'localhost') , and it will be unavailable across all interfaces, except for the local loop , through which nginx just proxies requests.

  • Thanks, it remains to understand how to do this in sailsjs, I don’t see a way to change it yet - JILeXanDR
  • @JILeXanDR look for where the port is indicated, the indication should be next to bind address. - D-side