Browser tries to upgrade to HTTPS when accessing hosted server (dumb netcat binding) through domain name, but allows HTTP when using direct IP - google-chrome

I recently set up a Digital Ocean droplet and purchased a domain name. I have set up the AAAA record to point to the digital ocean droplet and have verified that the changes have propagated (for example, I can ssh to the server using the DNS name).
There is NO load balancer or firewall set up. The only digital ocean product I have set up is my droplet.
I noticed some bizarre behavior when running some tests.
I have tried several methods of serving HTTP content from the droplet, such as my personal site running in dotnet core and an express.js site.
However for this question I want to focus on the most basic example, to avoid the possibility that the request is being upgraded by a misconfigured server:
nc -l -p 1500 -c 'echo -e "HTTP/1.1 200 OK\n\n HELLO"'
When I navigate to my droplet through my domain name (http://example.com:1500), I see the netcat process finish executing in my droplet ssh session, and Chrome tells me:
This site can’t provide a secure connection. example.com sent an invalid response. ERR_SSL_PROTOCOL_ERROR.
I then see that the URL has somehow automatically changed to https://example.com:1500.
When I navigate to the droplet using the IP address (assuming my droplet IP is 12.34.56.78, I go to http://12.34.56.78:1500), I get the expected text "HELLO" displayed in the browser.
This result is the same in all browsers.
Why does making http requests to my droplet attempt upgrading to https, but only when going through the domain? Is this a browser behavior or something to do with Digital Ocean?
Thanks for taking the time to check out this question.

Figured it out. I have a .dev TLD and Chrome automatically upgrades all .dev TLDs to HTTPS!
https://ma.ttias.be/chrome-force-dev-domains-https-via-preloaded-hsts/
This was driving me crazy.
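The behaviour in this answer, sketched as an added example (not code from the original post or from any browser): a preloaded HSTS entry rewrites plain-HTTP URLs by host name before any connection is made, and IP literals are never subject to HSTS, which is why the bare IP still loaded over HTTP. The preload excerpt and the names `example.dev` and `login.example.test` are constructed for illustration.

```javascript
// Added example: models the HSTS-preload decision a browser makes before connecting.
// PRELOAD is a constructed excerpt; the real list ships inside the browser.
const PRELOAD = [
  { name: 'dev', includeSubdomains: true },                 // whole TLD, as in the answer
  { name: 'login.example.test', includeSubdomains: false }, // constructed exact-host entry
];

// After WHATWG URL parsing, IPv4 hosts are dotted decimal and IPv6 hosts are bracketed.
function isIpLiteral(host) {
  return host.startsWith('[') || /^\d+\.\d+\.\d+\.\d+$/.test(host);
}

// Returns the URL the browser would actually request.
function hstsUpgrade(rawUrl, preload = PRELOAD) {
  const url = new URL(rawUrl);
  if (url.protocol !== 'http:') return url.href;      // only plain HTTP is rewritten
  if (isIpLiteral(url.hostname)) return url.href;     // HSTS never applies to IP literals
  const labels = url.hostname.replace(/\.$/, '').split('.');
  for (let i = 0; i < labels.length; i++) {
    const candidate = labels.slice(i).join('.');
    const entry = preload.find((e) => e.name === candidate);
    // i === 0 is an exact match; parent-domain matches need includeSubdomains.
    if (entry && (i === 0 || entry.includeSubdomains)) {
      url.protocol = 'https:';                        // explicit port (e.g. 1500) is kept
      return url.href;
    }
  }
  return url.href;
}

function demo() {
  return [
    'http://example.dev:1500/',     // constructed .dev name: upgraded
    'http://12.34.56.78:1500/',     // IP from the question: left alone
    'http://example.com:1500/',     // not preloaded: left alone
    'http://a.login.example.test/', // subdomain of an exact-only entry: left alone
  ].map((u) => `${u} -> ${hstsUpgrade(u)}`);
}
console.log(demo().join('\n'));
```

Because the rewrite happens inside the browser, a listener that only speaks plain HTTP (such as the netcat one-liner) receives a TLS ClientHello, and the handshake fails with ERR_SSL_PROTOCOL_ERROR.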

Related

How do you use fetch api to an ec2 instance?

I've been trying to find a good free server for our school project so I've decided to try ec2 and just make my pc the server that I will use. I've managed to install my node server onto the ec2. I can post requests using postman but when I'm trying to fetch data from my html file to the ec2 instance, it says:
Fetch API cannot load ec2xxxxxx.amazonaws.com:3000/login. URL scheme "ecxxxxxxx.compute-1.amazonaws.com" is not supported.
Is there any workaround for this? Thanks in advance!!!
Follow these steps:
Make sure your application is listening on port 3000: netstat -anp | grep 3000, also telnet 127.0.0.1 3000
Then make sure that the local firewall is configured to allow incoming access to port 3000 OR disable the local firewall to do a quick test (service iptables stop). For Linux, it's usually iptables.
Allow incoming access to port 3000 in your AWS security group.
The error is literally telling you what the problem is:
"URL scheme... is not supported"
Do you know what the "scheme" portion of a url is? This link should help, but it's the something:// portion of a uri/url.
So it indicates that you need to specify a scheme that will get you to your aws server, which is likely either http:// or https://
So to be clear your fetch needs fetch('http://ec2xxxxxx.amazonaws.com:3000/login').
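Why the parser reports the host name as the scheme, as an added example (not code from the original answers): in a string of the form `host:port/path`, everything before the first colon is a syntactically valid scheme. The helper names `inspect` and `safeEndpoint` are hypothetical; `safeEndpoint` shows an http/https allowlist check applied before a string is handed to `fetch`.

```javascript
// Added example: how the WHATWG URL parser splits the strings from the question.

// Returns the parsed parts, or null when the string is not an absolute URL at all.
function inspect(input) {
  let url;
  try {
    url = new URL(input);
  } catch {
    return null;
  }
  return { scheme: url.protocol.slice(0, -1), host: url.host, path: url.pathname };
}

// Accepts only absolute http(s) URLs; anything else is rejected before fetch() sees it.
function safeEndpoint(input, allowed = ['http', 'https']) {
  const parts = inspect(input);
  if (parts === null) {
    throw new TypeError(`not an absolute URL: ${input}`);
  }
  if (!allowed.includes(parts.scheme)) {
    throw new TypeError(`URL scheme "${parts.scheme}" is not supported`);
  }
  if (parts.host === '') {
    throw new TypeError(`URL has no host: ${input}`);
  }
  return new URL(input);
}

function demo() {
  return [
    'ec2xxxxxx.amazonaws.com:3000/login',        // host name is taken as the scheme
    'http://ec2xxxxxx.amazonaws.com:3000/login', // scheme given: host and port parse
    '192.168.0.2:3000/login',                    // a scheme cannot start with a digit
  ].map((s) => `${s} -> ${JSON.stringify(inspect(s))}`);
}
console.log(demo().join('\n'));
```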

How to access a localhost website from another computer?

I am building my own website and I want to show my brother on the same network. But localhost is only on my computer... I think at least. Is there a way I can host it on the network instead of my computer?
To access your localhost site from another computer, you can use the IP address of the computer on your local network where the site is located (for example: http://192.168.0.2/) instead of http://localhost/ or http://127.0.0.1/ which is the same thing.
If you are unable to do this due to a 404 or 403 error, check your web server configuration and/or firewall configuration.

Express/NodeJS application on Cpanel

Ok so I have an app with a Node/Express API and everything works fine on localhost. I'm trying to figure out how to make everything work on CPanel that's running on Apache. The client side stuff but I am unable to fetch any data from the backend. I've searched and looked, yes, but I'm still quite unsure on how to approach this. Do I have to use a Virtual Host and if so what are the specific steps I need to do?
NodeJS doesn't run on Apache or Nginx. Most you can do in these web servers is to set a reverse proxy.
NodeJS has its own web-server. cPanel won't help you in that regard, since you only need to install NodeJS on your server (you must have SSH access-root), and run it from there. You can daemonize your Node process to keep running installing PM2 or Forever (NPM Packages).
Here's a good answer (search before asking, the issue might be solved by then).
Run node.js on cpanel hosting server
cPanel typically runs Apache or another web server that is shared among all the cPanel/unix accounts. The web server listens on port 80. Depending on the domain name in the requested URL, the web server uses "Virtual Hosting" to figure out which cPanel/unix account should process the request, i.e. in which home directory to find the files to serve and scripts to run. If the URL only contains an IP address, cPanel has to default to one of cPanel accounts.
Ordinarily, without root access, a job run by a cPanel account cannot listen on port 80. Indeed, the available ports might be quite restrictive. If 8080 doesn't work, you might try 60000. To access a running node.js server, you'll need to have the port number it's listening on. Since that is the only job listening on that port on that server, you should be able to point your browser to the domain name of any of the cPanel accounts or even the IP address of the server, adding the port number to the URL. But, it's typical to use the domain name for the cPanel account running the node.js job, e.g. http://cPanelDomainName.com:60000/ .
Of course port 80 is the default for web services, and relatively few users are familiar with optional port numbers in URLs. To make things easier for users, you can use Apache to "reverse proxy" requests on port 80 to the port that the node.js process is listening on. This can be done using Apache's RewriteRule directive in a configuration or .htaccess file. This reverse proxying of requests arguably has other benefits as well, e.g. Apache may be a more secure, reliable and manageable front-end for facing the public Internet.
Unfortunately, this setup for node.js is not endorsed by all web hosting companies. One hosting company that supports it, even on its inexpensive shared hosting offerings, is A2Hosting.com. They also have a clearly written description of the setup process in their Knowledge Base.
Finally, it's worth noting that the developers of cPanel are working on built-in node.js support. "If all of the stars align we might see this land as soon as version 68," i.e. perhaps early 2018.
References
Apache Virtual Hosting - http://httpd.apache.org/docs/2.4/vhosts/
Apache RewriteRule Directive - http://httpd.apache.org/docs/2.4/mod/mod_rewrite.html
A2Hosting.com Knowledge Base Article on Configuring Node.js - https://www.a2hosting.com/kb/installable-applications/manual-installations/installing-node-js-on-managed-hosting-accounts
cPanel Feature Request Thread for node.js Support - https://features.cpanel.net/topic/nodejs-hosting
Related StackOverflow Questions
How to host a Node.Js application in shared hosting
Why node.js can't run on shared hosting?
It is worth pointing out that NodeJS support hasn't yet come to cPanel (as of early 2019).

Cannot access Google Cloud Compute Instance External IP

I have set up a Google Cloud Compute Instance:
Machine type: n1-standard-1 (1 vCPU, 3.75 GB memory)
CPU platform: Intel Haswell
Zone: us-east1-c
I can ssh in using the external address.
I have installed the vncserver and can access it on port 5901 from localhost as well as the internal IP.
I am trying to access it from the static, external IP address but it is not working.
I have configured the firewall to open the port to 0.0.0.0/0, but it is not reachable.
Can anyone help?
------after further investigation from the tips from the two answers (thanks, both!), I have a partial answer:
The Google Cloud Compute instance was set, by default, to not allow HTTP traffic. I reset the configuration to allow HTTP traffic. I then tried the troubleshooting tip to run a small HTTP service in python. I was able to get a response from the service over the internet.
The summary of the current situation is as follows:
The external IP address can be reached
It is enabled and working for SSH
It is enabled and working for HTTP
It does not seem to allow traffic from vncserver
Any idea how to configure the compute instance to allow for vncserver traffic?
If you already verified that Google Firewall or your VM are not blocking packets, you must make sure that VNC service is configured to listen on the external IP address.
You can always use a utility like nmap outside Google project to reveal information on the port status.
Enable http/https traffic from the firewall as per the need. It will work!!
The Google Cloud Compute instance was set, by default, to not allow HTTP traffic. I reset the configuration to allow HTTP traffic. I then tried the troubleshooting tip to run a small HTTP service in python. I was able to get a response from the service over the internet.
As such, the original question is answered, I can access Google Cloud Compute Instance External IP. My wider issue is still not solved, but I will post a new, more specific question about this issue
TLDR: make sure you are requesting http not https
In my case I was following the link from my CE instance's External IP property, which takes you directly to the https version, and I didn't set up https, so that was causing the 'site not found' error.
Create an entry in your local ssh config file as below with the mentioned local forward port. In my case it's an example of yarn's IP, which I want to access in the browser.
Host hadoop
HostName <External-IP>
User <Local-machine-username>
IdentityFile ~/.ssh/<private-key-for-above-user>
LocalForward 8089 <Internal-IP>:8088
In addition to having the firewall rules to allow HTTP traffic in both Google Cloud Platform and within the OS of the instance, make sure you install a web server such as Apache or Nginx.
After installing the web server, you connect to the instance using SSH and verify you do not get a failed connection with the following command:
$ sudo wget http://localhost
If the connection is positive, it means that you can access your external URL:
http://<IP-EXTERNAL-VM>
Usually there are two main things to check.
1. Port
By default, only port 80, 443 and ICMP are exposed. If your server is running on a different port, create a record for the same.
2. Firewall
Make sure you are allowing http and https traffic based on your need.
For me the problem was that I set up the traffic for the firewall rule to be 'Egress' instead of 'Ingress'.
If anyone already initiated 'https', just disable it and check again.

Server Sent Events in Google Compute Engine

I'm trying to get an app that uses Server Sent Events working on Google Compute Engine. When SSH'd into the box I can view them, but not externally via the ephemeral IP, aka
curl 0.0.0.0/route
works from inside the box but
curl xx.xx.xx.xx/route
just hangs. Looking at the headers from other routes, there seems to be some sort of caching proxy in between the box and the outside world that is preventing server sent events from getting out because the connection hasn't completed. There is a similar issue with nginx until you set proxy_cache off, but as far as I can tell there is no documentation for configuring the proxy that compute engine uses.
Is it possible to do server sent events from Google Compute Engine and if so what do you have to do to get it to work?
edit:
Request is created with the browser EventSource object, so it has the default headers which look to be Accept:text/event-stream, Cache-Control:no-cache, plus Referer and User-Agent.
The headers I add are Content-Type:text/event-stream, Cache-Control:no-cache, and Connection:keep-alive.
When run in AWS all is fine when I run it behind nginx assuming I modify the config appropriately.
In Google Compute Engine other pages load fine but the route with Server Sent Events just hangs never even receiving headers. The reason I suspect google is sticking a proxy between the GCE box and the outside world is the addition of Via:HTTP/1.1 proxy10205 headers.
There may be magic on the lower network layers but there is no (transparent or otherwise) proxy between your VM and the internet on GCE for the external IP. I'm not sure where the Via header comes from, doesn't the browser/client have a proxy configured?
External IPs are not configured in the most straightforward way on GCE though which might be tripping up something in the stack. I think for external IPs, the external IP itself does not appear anywhere in the VM config, it's translated to the VM internal IP by 1-1 NAT. Loadbalanced IPs do end up on the host with external IP visible though (even though even these are configured in a funny way).
Even though I don't think anything should really care about the server IP for SSE, maybe try setting up a loadbalanced IP pointing to just that one instance and see if it works any better?
"Via:HTTP/1.1 proxy10205" in your HTTP response is not from Google Compute Engine.
GCE does not strip out the Server-Sent Events headers. I list the simple steps below which can help you to configure a demo of Server-Sent Events on a GCE VM instance:
Create a GCE instance using a CentOS image.
Install Apache web server and PHP:
$ sudo yum install httpd php
Create an index.html file with the HTML content from this page :
$ sudo vi /var/www/html/index.html
Create a PHP file called demo_sse.php in the www root directory ($ sudo vi /var/www/html/demo_sse.php ) with the following content:
<?php
header('Content-Type: text/event-stream');
header('Cache-Control: no-cache');
$time = date('r');
echo "data: The server time is: {$time}\n\n";
flush();
?>
Now visit the webpage. You can also verify the header using curl command:
$ curl -H "Accept:text/event-stream" --verbose http://<YOUR-GCE-IP-ADDRESS>/demo_sse.php