Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Mochiweb Port 80

I am attempting to run BeepBeep through Mochiweb on Port 80. It works if I type sudo ./start_server.sh. Are there any security risks with running Mochiweb like this? If so how to remedy?

Thanks!

like image 498
ewindsor Avatar asked Sep 29 '09 00:09

ewindsor


2 Answers

running any service as root has risk. It's hard to answer your question properly without more information though. Is this a production service or a dev instance you are running?

If production I would recommend running the mochiweb instance on a different port so it can run as a user and then using a proxy like nginx or apache to listen on 80 and forward the request.

like image 80
Jeremy Wall Avatar answered Oct 27 '22 09:10

Jeremy Wall


You could start it on an unprivileged port and do port-forwarding in your firewall, so that port 80 goes to your unprivileged port.

like image 44
Christian Avatar answered Oct 27 '22 11:10

Christian