node.js with nginx, how to remove direct ip:port access

Question

I inherited a node.js project and I am very new to the platform/language.

The application I inherited is in development so it is a work in progress. In its current state it runs off port 7576 so you access it this way: server_ip:7576

I've been tasked with putting this "prototype" on a live server so my boss can show it to investors etc. But I have to password protect it.

So what I did is I got it running on the live server. And then I made it use a nginx vhost like this:

server {
        listen 80;

    auth_basic            "Restricted";
    auth_basic_user_file  /usr/ssl/htpasswd;

        access_log   /etc/nginx/logs/access/wip.mydomain.com.access.log;
        error_log  /etc/nginx/logs/error/wip.mydomain.com.error.log;
        server_name  wip.mydomain.com;

        location / { 
            proxy_pass http://127.0.0.1:7576;
            root         /var/app;
            expires 30d; 
            #uncomment this is you want to name an index file: 
            #index index.php index.html;
            access_log off; 
        }

        location ~* ^.+\.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|pdf|txt|tar|wav|bmp|rtf|js|flv|swf|html|htm)$ {
            root         /var/app/public;
        }
}

`

This got the job done, I can now access my app by going to wip.mydomain.com

And I can easily password protect it via nginx.

My problem is the app is still accessible via the ip:port and I don't know how to prevent that.

Any help is appreciated.

Thanks

Answer 1

In your node javascript code, you need to explicitly bind to the loopback IP:

server.listen(7576, '127.0.0.1');

(You are looking for a call to .listen(<port>) to fix. The variable may be called app or something else though).

Any IP address starting with 127. is a loopback address that can only be accessed within a single machine (doesn't actually use the network).