Recently I stopped and started my EC2 instance which resulted in having to setup my web app from scratch (using Tomcat & Java).
Right now I have Tomcat running on the EC2 instance and I can properly access my web app by opening a browser on the EC2 server and pointing to http://localhost:8080/web_app_name
However, if I open a browser on my own PC and point to the public IP of the EC2 instance (e.g. ec2-XXX-XXX-XXX-XXX.ap-southeast-2.compute.amazonaws.com) then the browser returns the message:
"This site can’t be reached, ec2-XXX-XXX-XXX-XXX.ap-southeast-2.compute.amazonaws.com refused to connect."
I have checked my security group for this EC2 instance, and it is allowing TCP ports 80, 443, 3389 and 8080 so I'm not sure why I cannot connect to the web app.
How can I resolve this?
You can try one of the below:
Create a new security group with an inbound rule "Custom TCP" giving permission to ports: 0-65535 and CIDR of 0.0.0.0/0. Attach this security group to your EC2 instance
If you don't want to create new Security Group make sure your current inbound rules has just one rule giving wildcard access like the one above.
As your application is running on 8080 port and ec2 Instance IP is looking for your application on 80 port.
So use loadblancer for redirecting port 80 to 8080 or try
ec2-XXX-XXX-XXX-XXX.ap-southeast-2.compute.amazonaws.com:8080/web_app_name, you will able to render your web page.
Related
I have deployed our playframework 1.2.7 web application to aws-ec2 ubuntu instance. The started the application on port 8081 since 80 or 8080 complains about not able to bind to those ports. How can I configure the ubuntu instance either througth the aws security group or on ubuntu itself so that I wouldn't have to add the port 8081 to the end of the public url or the public ip provided by aws.
ie I don't want do this:
example.com:8081 / ip4:8081
But I just want to use:
example.com / ip4
to access the application.
Please I need help on this.
The problem is that on Ubuntu ports < 1024 are privileged. This means that normal users can do nothing with it. To start play on port 80 you could simply start it as root user. Anyway it's not a best practice to start webserver as root due to possible security issues.
I'd suggest to start it on whatever non-privileged port you want, as normal user, and make use of an Elastic Load Balancer (ELB) to redirect all inbound traffic on port 80(or 443 for instance) to your play port. You can accomplish this simply using AWS web interface, when creating an ELB
So users will reach your play instance calling ELB on port 80 using Amazon auto-assigned dns name.
Example flow:
User browser --> http://your-elb-dns-name.com --> your_play_server_ip:8081
Just make sure that the Security Group associated to your play server instance will accept inbound traffic on 8081 from your ELB (you can identify your ELB using the amazon id assigned during its creation)
Another great advantage of using this ELB approach is that you can use it as reverse proxy to hide your ec2-instance(s) ip(s) to the internet. In fact, if you use ELB you could also avoid assignin a public ip to your ec2 instance during creation. ELB doesn't need to know a public ip beacuse it will have access to the Virtual Private Cloud (VPC) in which your ec2 instance was started
Another possible approach, if you don't want to use ELB, is to install NGINx or Apache on your ec2 instance to act as reverse proxy, but I think you should make use of Amazon web services to accomplish that. You may want to use an internal NGINX or Apache reverse proxy if you need to hide a particular resource of your play server to the internet.
https://aws.amazon.com/it/elasticloadbalancing/
I developed an application in my home machine. Now I want to show application that i made to client through WAN. I have TP-Link WiFi router at my home. Is it possible using port forwarding or other solution ?
Yes, you can use port forwarding to make your application accessible from the Internet. Essentially, what you want to do is redirect traffic coming into your public IP on port 80 to the internal machine running tomcat on port 8080.
There are public guides available for configuring port forwarding on different routers.
Edit: Port forwarding however might not be the only problem. There are other things to consider:
1. You should use a static external IP and map it to a DNS name, so users will be able to access the site by typing the name in the address bar.
2. You should make sure that the machine running tomcat allows external connections to port 8080, so these aren't blocked by the firewall.
My iOS app uses a Java-based server and communicates with it using Google Cloud Endpoints. Normally the server listens on https://myservice.appspot.com/_ah/api/rpc.
How can I debug my server code? After I run it with Debug As | Web Application inside Eclipse and change its URL to https://localhost:8888/_ah/api/rpc the client cannot connect. I don't think it's a firewall issue because URLs with localhost:8888 work for other client-server pairs.
So does one need to take any special steps for debugging code in Google Web Application projects with Google Cloud Endpoints in Eclipse, and is there a better way to set their required URL on the client than hardcoding it (like I currently try)?
The first cause why this did not work was that I tried to connect to localhost over SSL.
The second cause was that my real device of course needs to contact the dev server not as localhost, but using its remote IP address (currently 10.0.0.2 on my WLAN).
The third cause was that the firewall on my OS X 10.9.3 Mac prevented my real device from connecting to its port 8888. I had to disable Block all incoming connections and allow incoming connections for the applications Eclipse and java under System Preferences | Security & Privacy | Firewall Options. (OS X will prompt for permission the first time a connection is attempted.)
I just deployed an instance of OpenMary TTS server on my Windows 2012 Azure VM and configured ttp endpoints for both port 80 and the default 59125 ports. I've tried launching mary server using both ports and I can't access it externally using either the DNS name or the external IP. I installed IIS on the same host and I am able to access the default page remotely so I know it is not an Azure configuration issue, rather something in OpenMary causing it to only accept requests coming from the loopback IP or localhost.
Is there a hostname setting I can supply on the cmd line via java property? I can change its port name via -Dsocket.port= setting but how do I tweak the host name it listens on? Does it make sense to set the server up behind IIS?
in the Windows Azure Portal, you need to configure the end point mapping.
I need some help from someone who understands JBoss Hostname Binding. I think the solution is easy, although it's complicated to explain.
I am deploying an application using JBoss (v4.2) and am having troubles configuring the application.
This application has two parts, a web site on port 8080 and web services on port 8080 using SOAP APIs.
My server sits behind a firewall, and has an alias, let's say it's called orange.mycompany.com
My problem is that I cannot get the console to connect to the web services. The website works, but I see an connection refused error connecting to the web services.
[xfire.transport.http.HttpChannel]
java.net.ConnectException: Connection
refused
There are 2 things I can control, the bind IP on Tomcat, and the URL of the web services.
If I start JBoss, and bind to the local IP address:
./run.sh -b 10.1.2.3
And I set the URL of the web services to be that same IP
url=http://10.1.2.3:8080/services
I can see the website on port 8080 from outside the firewall, but the console cannot connect to webservices.
From the server, orange, itself I cannot see the website by calling http://localhost:8080/ or http://10.1.2.3:8080 or orange.mycompany.com:8080
However, if I start JBoss and bind to 127.0.0.1:
./run.sh -b 127.0.0.1
And I set the URL of the web services to localhost
url=http://localhost:8080/services
Now I can't see the website at all from outside the firewall.
But from the server itself, I can see the website browsing http://localhost:8080 and the I can successfully connect to the web services. That's great, but I need the website to be accessible from outside.
Can anyone suggest any combination of settings that will let me browse the website and also let the console call webservices on localhost?
Never mind.
Start JBoss binding to all IP's works.
./run.sh -b 0.0.0.0
Aren't your running JIRA standalone, right?
I always run tomcat and jboss behind a apache with mod_jk. This still hide ports, what sounds great for newbies users.
Your server is behind a NAT?
Sometimes I use ProxyPass or RewriteRules (mod_rewrite) to provide external access, thru reverse proxy.