Is there a way to tell meteor to only listen on localhost:3000? I use nginx as proxy and don’t want someone to access the node process directly.
I use meteor up to deploy the app and it would be great if there is a solution without using ip tables.
Set the PORT env variable to 3000 during or before deployment. You can do that in Mup.
Thanks, but thats not exactly what I meant. I want that the service is only accessible from localhost (127.0.0.1) and not from the public server IP.
I use nginx with an htaccess file so I have to deny access to http://myip:3000
Yeah, you can use the BIND_IP environment variable.
Probably though for production you’ll want a proper firewall to drop any packets to undesired ports.
1 Like
Take a look here https://www.nginx.com/resources/wiki/start/topics/examples/likeapache-htaccess/#help
It’s not the answer you want but you should really consider reconfiguring nginx and setting up IPtables
1 Like
Thank you, I will think about that. It is an interessting article but is it relevant for a meteor app? Since meteor uses a websocket connection it should be only one request per user, right?
Thank you, BIND_IP worked for me.
that’s probably a fair point. Although in my experience once you go down a “less supported” path you end up spending way more time on hacks downstream