Secure Proxy

[srossross]

How would I go about setting up a reverse proxy such that the node-http-proxy is the only process that can connect to the server that is being proxied to?

For example:
If I have the proxy running on 8080 and my server running on 8081
I want to ban people from connecting to 8081 directly. If have an insecure network and I can not modify the firewall rules, is it possible to do this with SSL or any other configuration?

[Rush]

If your reverse proxy runs on the same server you should bind to the local IP only on your application: http://nodejs.org/api/net.html#net_server_listen_port_host_backlog_callback
server.listen(3000, '127.0.0.1')
Otherwise your application may detect if the request was done by a proxy via header x-forwarder-for and cross-checking that with origin ip would allow you to be relative sure where the request comes from.

[srossross]

@RushPL thanks that works for now. If anyone else has an encrypted solution that would be great, thanks. Perhaps there is a way to do this with a self signed cert?

[Rush]

Glad it helped. Frankly, I do not see a point in using encryption here. You are connecting on local sockets so nobody (except admin) could be listening in.

[srossross]

I have a situation where users could login to the network via ssh. They are typically trusted users, but I would prefer to secure the connection.

[jcrugzz]

@srossross You should be able to proxy https -> https if there is a need. if this is not exposed or documented well I'll look into clarifying that

[jcrugzz]

@srossross to clarify, please checkout my answer in #563