> On 19 Jun 2015, at 19:27, Ray Jender <rayjende...@gmail.com> wrote: > > > So, for all of the example and demo code I have seen, they always include > doing "node file.js" and then it echos back "Listening at: > http://localhost:8080"; or similar. > Which implies I have to browse to port 8080 to use the app. > > My question is how does this work in production? I have never had to browse > to a website using a port number? I'm confused? > How can I simply browse to a URL and not include a port number?
So -- there's some interesting details to that! Each service on the Internet has a port assigned to it in the specification for it. http is port 80, ssh is 22, https is 443, xmpp is 5222 (and a few others, because it's complicated), pop3 is 110 and imap is 143. If the service is running on its normal port, things don't usually need to know the port because it can just assume the usual one. In http URLs, this lets us leave the port number out -- http://example.org/ and http://example.org:80/ in theory point to the same resource. (some systems treat them as 'different' when comparing, but they access the same resources.) Now if you're NOT on the default port, you have to specify -- so Express apps in particular suggest you connect to http://localhost:yourport/. This is actually just a hint -- usually they listen to more than localhost, and the report back for the URL is actually not very robust, but it works enough to get people off the ground. If you run your app on port 80, you won't need that. However! Unix systems restrict ports under 1024 as reserved for the system -- a simple enough restriction to keep a user from starting up something in place of a system service at startup time, in the era of shared systems. That means you have to run something as root to bind port 80, unless you use special tools. There's one called authbind that lets you bind a privileged port (found most commonly on Debian-derived Linuxes), one can call process.setuid and process.setgid to relinquish root privilege after binding (a common tactic in classic unix systems), though there's some fiddly details there that could leave you exposed if someone manages to inject executable code into what you're running. And finally, one can proxy from a 'trusted' system daemon to your app on some arbitrary port -- nginx is a popular choice for this, as are haproxy, stunnel and others. Hope this helps Aria -- Job board: http://jobs.nodejs.org/ New group rules: https://gist.github.com/othiym23/9886289#file-moderation-policy-md Old group rules: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines --- You received this message because you are subscribed to the Google Groups "nodejs" group. To unsubscribe from this group and stop receiving emails from it, send an email to nodejs+unsubscr...@googlegroups.com. To post to this group, send email to nodejs@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/nodejs/4850379B-D89C-4073-87D1-5F9A8602D5BD%40dinhe.net. For more options, visit https://groups.google.com/d/optout.
smime.p7s
Description: S/MIME cryptographic signature
