Reputation: 2515
WebSocket hosted not in port 80 firewall issues
A websocket server that is not hosted in port 80, will be invisible from Internet Browsers?
I cannot use port 80 (it's being used by IIS) neither 443 nor 8080.
Does websockets hosted on custom ports will have firewall issues?
The only way is to use IIS8 as to share the same port (80)? (I'm using IIS7 with SuperWebSocket library)
Websockets that are accessed from browsers, should not be deployed in custom ports?
Thanks in advance.
Upvotes: 3
Views: 5333
Answers (3)
Reputation: 64175
According to here:
Warning: The server may listen on any port it chooses, but if it chooses any port other than 80 or 443, it may have problems with firewalls and/or proxies. Connections on port 443 tend to succeed more often but of course, that requires a secure connection (TLS/SSL). Also, note that most browsers (notably Firefox 8+) do not allow connections to insecure WebSocket servers from secure pages.
Upvotes: 1
Reputation: 474
To get to the heart of your question, I've had most success with realizing that my Web Server and Web Socket Server can both be on port 80, but different hosts ( origins ). As long as the Web Socket Server can handle CORS requests from your Web Page origin, it seems this is a way that avoids firewall problems and leads towards the architecture of having static content froma Web Server and dynamic from a WebSocket server.
So the story is:
serve page from web.server.com:80 (that's the origin)
in application space on that web page open a WebSocket to websocket.server.com:80/serviceName
(makes a cross-origin request that needs be be allowed by websocket.server.com, which might whitelist web.server.com)
happily serve dynamic content and static content separately.
Some more specific answers to some of your questions:
A WebSocket server that is not hosted in port 80, will be invisible from Internet Browsers?
No. Your application in the browser can open a WebSocket to other ports if that is desirable, subject to CORS constraints. Oftentimes it is advantageous to keep the WebSockets on port 80, so that intermediaries and edge gateways don't have to change firewall rules.
I cannot use port 80 (it's being used by IIS) neither 443 nor 8080. Does WebSockets hosted on custom ports will have firewall issues?
Most likely, unless you are in control of the firewall and can open up other ports.
Upvotes: 1
Reputation: 73091
If you have control over the firewall then there is no issue with running a websocket server on a custom port. You just need to open up the port to allow incoming traffic to that port.
The problem is not really firewalls per se but rather other types of filtering, proxying, load balancing, etc that happens before the traffic reaches your server. However, unless you have specific requirements that you didn't mention then there should be no issue with simply allowing traffic on that port.
If you WebSocket server is configured to limit connections to specific origins (CORS) then you will need to allow the origin to make connections. The origin is the address of the web server that will be serving up the web page that will make the WebSocket request. The default is usually either wide open or limited to the address of the websocket server itself.
Upvotes: 1
Related Questions
- What is the port of WebSocket?
- Cannot host WebSocket Server - error during handshake
- WebSocket windows service listening on port 8080
- Javascript Websocket to listen on port 80
- Websockets proxies and using port 443 simultanously with IIS web server
- SignalR on port 80/443
- IIS: Websocket and IIS sharing port 443
- XSockets / WebSockets not accessible from other machine than the hosting one
- Websocket Server Behind IIS 7 Reverse Proxy
- superwebsocket on port 80