I'm quite new to AWS and I have been starting to work with EC2 instances. I have a web application that has a frontend and backend separately. So first I hosted the backend application on EC2 instance and it is a Symfony framework based REST API Application. So I have installed all dependencies and now the application is running. But to check the application I ran some API calls to the application using postman and seems application is not working as intended. I get following response from Postman. I have also provided security group configurations properly.
When I start sysmfony app it says [OK] Server listening on http://127.0.0.1:8000.
Can't figure out why this is happening. Can someone help me here?
You are running your application trough CLI (Symfony web server bundle) , by default this will bind to 127.0.0.1 which can't be accessed from outside. To fix this, you must bind to your server's public IP/hostname and port:
php bin/console server:start 192.168.1.1:8000 # replace with your ip
You can also bind to all your IP addresses using 0.0.0.0
But keep in mind, you should not use built in server for production, it's slow and less secure. Use a real web server instead, like Apache or Nginx.
Related
Running an ASP.Net Core application based on IdentityServer 4 on an AWS cluster,
after 14-21 days all outgoing HTTPS requests take 5min or more to finish.
After an investigation found that the WinHTTP Web Proxy Auto-Discovery Service dies with the following error: The endpoint mapper database entry could not be created. not sure if this is the issue or a side effect of something else that breaks lower in the OS.
Environment:
ELB with with an autoscaling group with two instances behind it, issue occurs on both
Windows Server 2019
Notes:
It is a custom AMI but the only difference with the instances that do not experience this is the product is running on it.
Happens on both .Net core 2.2 and 3.1 based versions of the application
Happens on both versions based on IdentityServer4 v2 and v3
The app is deployed self contained
The app uses Kestrel without a reverse proxy in front of it
Tried:
Enabled schannel: no errors in the schannel logs set on trace
No other notable errors in any of the EventViewer logs
Restarting the instance fixes the problem
When running curl.exe -v to an HTTPS site on the machine the request gets stuck on schannel: checking server certificate revocation
The clocks on the instances are OK
Restarting the app process does not resolve the issue
Disabling the HTTPClient in the code using the WinHTTP Web Proxy Auto-Discovery Service service still breaks the service.
For those running into this.
The root of this issue is the WinHTTP autoproxy (wpad) service which is used to autoconfigure proxy settings, WinHTTP 5.1 implements the Web Proxy Auto-Discovery (WPAD) protocol also known as autoproxy, and it must support DHCP. Now this is where the problem occurs, the AWS DHCP does not support DHCP option 252 (used by WPAD) which in turn causes the issue.
The resolution is to disable the WinHTTP service as it is turned on by default in Windows.
I am seeing this exact same problem on a bare-bones AWS Lightsail instance of Server 2019. I am simply using IIS as a reverse proxy with the URL Rewrite module.
Here are some details about my environment/scenario in case it helps narrow down some common factors.
I have zero .Net applications running on this box, it is simply a reverse proxy.
I have 2 web applications, and 2 websites setup in IIS, each is a reverse proxy for a different back-end API.
The websites in IIS on the reverse proxy use the same CA issued wildcard certificate as the back-end API's.
The back-end API's are also hosted in IIS (Server 2012 R2).
The back-end API's run in a PCI compliant environment so IIS Crypto has been used to tighten up encryption protocols/algo's. I have not used IIS Crypto on the reverse proxy yet, so as I type this I'm starting to wonder if there's an SSL aspect to this.
I want to debug a flask app on mobiles.
My application configuration allows to expose the app to the network:
application.run(host= '0.0.0.0',port=5000,threaded=True)
However, if I load mylocalIP:5000, it redirects to www.example.com, where the production site is hosted, and cannot figure out where it is written to resolve the redirect.
So I cannot see my local environment but in my local machine, and cannot debug the app on other machines - like mobile phones.
Where should I look to solve the problem ?
I must have changed configuration on my machine somewhere, I don't think it is related to flask.
Note: as alternative , I tried use my local host alias:
I'm using a mac, System Preferences > Sharing > Internet Sharing is enabled, other computers in local networks can access my local env at myLocal.local host, but still access to myLocal.local:5000 is forbidden for other machines but my computer.
You can do one thing, install Fiddler app and configure the reverse proxy on your mobile phone. This tutorial will help you to configure fiddler in android applications.
After configuring the reverse proxy, run the flask application on localhost or machine IP and you can access your machine IP on your mobile. Fiddler would also help you to intercept all the calls made to your application. If you don't want to inspect via fiddler you can directly put your mobile on same network of application.
I'm trying to create a web app on AWS and I'm running into port issues. I would like to have multiple apps providing different services on different ports. I've created a website (on the same instance) to receive a text query and pass it to my app on port 3000. The app listening on 3000 is written in CherryPy.
We are using a VPN to provide security for the AWS instance. When logged into the VPN, everything works fine. The web page loads, the query returns the correct data. When I disconnect from the VPN, or someone else goes to the page, the page still loads, but queries to the service time out.
I've used netstat to make sure the service is listening but I'm not sure what could be blocking traffic. I've worked through the CORS issues as evident by the fact it works when I'm signed into the VPN.
What can I check now?
When I disconnect from the VPN, or someone else goes to the page, the page still loads, but queries to the service time out.
My assumption is that the web server and the app are on the same server.
It sounds very much like the connection from web server to app is happening via a routed IP address rather than localhost. In addition to being slower, it's also hitting your firewall rules.
Configure the web server to access your app on localhost:3000 and the issue should clear up.
I actually got it working. I have an AWS instance with nginix and CherryPy. When the user goes to a web address, the nginix page loads with a form for a query string. When they submit a string, the string is POSTed to a CherryPy service running on port 3000. The CherryPy service does some computations and returns a result via JSON.
I thought I had opened up everything completely for testing, but I was having so many issues. It turned out that having CherryPy set
"Access-Control-Allow-Origin" = "*"
wasn't working, instead I needed to specifically set the origin of the calling page.
I have developed a play 1.2.5 application and implemented secure module module for authentication.Its working fine. Now I have developed another play 1.2.5 application which is running on a separate server. I have maintained a href tag in my first play application which has the link to second application.On loging in through my first application, I want the username to be passed to the second application because i am using the logged username. As soon as I log out from the first application, The session (username) should be removed from the second application too.
How can i achieve this ...Plz help!
If you run both of servers on 1 domain (such as www.example.com), and using load balancer (like nginx) to transfer requests to 2 server. You just make sure the config application.secret is the same for both.
If you run on different sub-domain (Recommend), you MUST do like that:
Server should use sub-domain, for example login server is login.example.com and application server is app.example.com
Use config application.defaultCookieDomain=.example.com for both server, then they can use the cookie each others
Make sure both servers have same config application.secret
If you really want to put 2 difference domain, like example.com and example.net. You should implement OAuth on login server and provide API to call from application server.
I have developed a SOAP webservice in mule, which has the endpoint configured as say
for e.g.
http:inbound-endpoint exchange-pattern="request-response" address="http://localhost:7001/helloService"
doc:name="HTTP"
It is deployed as a WAR file in tomcat server. Am able to access the wsdl from my local desktop like this - endpoint?wsdl and works perfectly fine.
How can I access this when deployed in a remote server? What endpoint should it be given? Can it contain localhost and port as it is?
Do I need to refer the context path of the web app? Its a little bit confusing...Can someone help pls?
You're binding to localhost so it'll only work on the machine it's running. You can bind to all interfaces using 0.0.0.0 and the access it remotely using the machine's IP address or domain name.