We installed rstudio in a docker container and configured it following
https://support.rstudio.com/hc/en-us/articles/200552326-Running-RStudio-Server-with-a-Proxy
In order to use a sub-uri: example.com/rstudio. This is a work situation, and the server example.com is behind a firewall. To access websites behind the wall I typically tunnel like
ssh -L 8000:example.com:80 other_server
When I do this for example.com I can load pages like example.com/test.html. However, when I try localhost:8000/rstudio, it maps me right back to example.com/rstudio.
Is there something I could add to the configuration in the linked docs page that would make things work through the tunnel?
I can suggest you quick&dirty hack:
Add example.com = 127.0.0.1 at your local PC
ssh -L 8000:remote_server_ip:80 other_server
Try go to http://example.com/rstudio
It can be caused by mod_rewrite of your rstudio instance I think
Look here for more examples of SSH tunneling, maybe it will help too.
Related
I'm currently trying to setup a tunneling tool, specific for game servers.
So you can start the server locally and everyone can join without open your ports or getting unsecure.
Basicly I do a reverse ssh tunnel to one of my dedicated linux servers where the game port get mapped to a different port (for example 8888). So the server is now exposed to the internet and available for anyone and the user don't have to get unsecure and open his own ports. Everyone can connect to the following ip: SERVERADRESS:8888.
The command which gets executed looks like this:
ssh -N -R "*:8888:localhost:25565" root#SERVERADRESS
This works fine just as i want. But I also want to secure my "forwarding" server, so I'm relativ new to networking but I found reverse proxy's. I watched some tutorials and I installed the "Nginx Proxy Manager" tool which comes with a web interface and looks very good and easy. So there is an option to create an Stream (Picture below), there you can enter the incoming port and the forward Host + port, for example: REVERSEPROXY:7777 -> FORWARDINGSERVER:8888. So with this I want to hide the ip adress from the server where all the ssh tunnels. Sadly this Stream tool won't work, I already saw some other topics with that. They all said to enter the port into the docker-compose.yml which I already did + restart. But for now it won't work. Any other soloutions for this problem? Or completly different ideas to protect my server?
https://i.stack.imgur.com/FolLe.png https://i.stack.imgur.com/KuJbt.png https://i.stack.imgur.com/2SN4a.png https://i.stack.imgur.com/9kzbj.jpg
I try to do my own tunneling tool, but with a protection so that my server getting damaged.
I am trying to use Docker to set up two WordPress containers behind a container running an NGINX reverse-proxy, as illustrated in the following diagram (this is all on an Ubuntu 22.04 VPS):
Ideally, I'd like to have the only connection to the world be via the host's ports 80 and 443 mapped to the NGINX container and then have everything else internal to the Docker network. The issue I am running into is that the official WordPress image wants to expose itself on port 80 as well and that's obviously causing a conflict.
One solution would be to mount the NGINX container on the host's network and map the WordPress containers' ports, but I'd like to keep everything contained. Is there a way to map the WordPress container port to something within itself or create a port mapping on the Docker network? (I am DEFINITELY not a networking person in any way so apologies if I'm missing something obvious)
I ended up moving the apache config files to a directory mounted from the host, then editing the ports.conf and sites-enabled/000-default.conf to get apache to use a different port. There also seemed to be an issue with the reverse-proxy config in NGINX, but that was solved with some copypasta and I'm not quite sure what the problem ended up being there.
new here. I'm currently trying to set up an implementation of Tabula on a Windows Server. I've set up a non-standard port to run the service (port 8090) and have set up firewall rules, but I can't seem to make it work. I've also been assured by the hosting company that they don't filter ports so all possible ports would have been blocked by either the router or the machine itself.
I've also set up port forwarding (with similar settings that work on the router). Didn't work.
I've also tried using port 80, then temporarily turning off the Apache server on that machine so it would free up that port. To no avail, alas.
I've also tried Proxypass, with the same failed results:
<Location /tab>
ProxyPass http://release.123-246.com:8090/
ProxyPassReverse http://release.123-246.com:8090/
</Location>
It works on localhost (127.0.0.1:8090) and local network address (192.168.0.4:8090, but only from within the machine's browser) but can't seem to make it work on live (78.46.210.12:8090)
Pretty sure I'm missing something, but I don't know what it is. Help please? I'm welcome to different approaches on this.
Did you check that Tabula is listening on the appropriate interface?
The version of Tabula that is packaged as a Windows application might not bind to the interface fronted by your reverse proxy.
Try this command to make Tabula listen on all available interfaces:
jruby -G -r jbundler -S rackup -o 0.0.0.0 config.ru
I'm trying to set up a malware analysis lab, following the instructions found here:
https://blog.christophetd.fr/malware-analysis-lab-with-virtualbox-inetsim-and-burp/
In setting up inetsim to simulate internet protocols, I keep getting "http_tcp_80 - failed!" everytime I run it. Changing the port it uses in the configuration file to 8080 causes the it to work. When I run it on a different vm, the configuration works as intended.
I have apache also installed on this vm. Could it be interfering?
Edit: I just installed a new vm to try using inetsim without apache installed. HTTP is reported to be running, but now dns_53_tcp_udp is reported to be failing to start. Trying to browse web pages to bring up inetsim's default page fails, regardless of if I use the FQDN or the IP address. The only time I get the page is with localhost. Otherwise, I get server not found. At least I know its not apache.
The error I get with DNS indicates that the 0.0.0.0 ip is already in use, which doesn't make sense to me since 0.0.0.0 is being used to bind the services to all IPs. Changing the inetsim.conf file so "service_bind_address 10.0.0.0" instead of "service_bind_address 0.0.0.0" seems to run dns, but the browser on both the analysis machine and the victim machine still report no server found.
You should stop the Apache server:
service apache2 stop
It works for me.
I guess there are some other processes listening on those ports.
Use
sudo netstat -tulpn | grep LISTEN
It will print out those processes with their pid. For example, 964 is the pid of the first process in this case:
Check if something is occupying your corresponding ports. Shut them down with
sudo kill -9 <pid>
Of course, the busy processes running on those ports may not in listening states but still be able to cause such a problem. So you can check it with
sudo netstat -tulpn
just in case.
Anyway, it does work for me.
Note - I am fully aware that there are lot of similar issues posted before, but I tried NSG settings, psping but nothing seem to work
All, I brought up a RHEL7.3 server on Azure and installed JDK1.8 and Tomcat8. After starting Tomcat, I tried an http request from my browser:
http://XX.yy.zz.abc:8080/ but I was unable to get the index page
I also created an inbound security rule to allow HTTP and also allow IP range from our company.
Even worse is, when I tried pinging to this IP from my desktop computer, I am unable to ping the same - it is timing out.
Please note that in the past, I've been able to bring up servers and be able to connect from desktops without any issues - in a similar azure-companynetwork setup.
Am I missing anything here?
Ok, so pings do not work, you shouldn't even try that. What you should check is the firewall on you RHEL VM and check you've allowed port 8080 on you NSG, also your VM should have a PublicIP attached
According to your description, you had better check as the following ways:
1.Please ensure you could access your web by using 127.0.0.1:8080 on your VM.
2.Check your service listening.
netstat -ant|grep 8080
Please ensure 8080 is listening on tcp not tcp6.
3.Open firewall port on RHEL.
sudo firewall-cmd --zone=public --add-port=8080/tcp --permanent
More information about RHEL firewall please refer to this link.
4.Open port on Azure NSG.
NSG could be associated with NIC and subnet, you should check all of them.
All,
It looks like there is an input firewall inside of RHEL7.3 that is preventing connections. I just stopped it using
service firewalld stop
I am able to get the home page.