I got a Selenium server all set up, and for security reasons, I want to make it accept requests from just a specific IP. Is there a way to configure that?
You could configure a firewall on the machine on which your selenium server is running. The firewall would only accept incoming connections from one specific IP.
Related
I have configured my Sonarqube server to be accessed using the reverse proxy mechanism provided by Apache server mod_proxy module.
My question here is, even after the above setup i will be able to access the sonarqube server by hitting the direct sonarqube url ex:http://localhost:9000.
Is there a way i can restrict the access to my sonarqube server only via Apache reverse proxy server, by making simple configuration changes may be in some sonarqube property files.
Or Any other solution for this requirement?
I am using the latest version of Sonarqube 6.1
Ragdu you have to bind SonarQube to localhost. In sonar.properties use : sonar.web.host=127.0.0.1
Obviously you will be able to browse from your server by accessing http://localhost:9000 but only from your server, you won't be able to access through http://{your_server_ip}:9000.
Binding the server to localhost is the correct option, but if for some reason you don't want to touch sonar.properties, or you need to switch to the 'two different boxes approach' you can use the system firewall to filter the access.
In the first case, you drop all packets coming from your network card to port 9000 (but you need to allow the access in the local interface).
In the second one you would only allow the Apache machine's IP to communicate with the port 9000 in the SonarQube machine, all other packets coming to port 9000 would be discarded.
Be careful, in the second case you should implement SSL between Apache and SonarQube or isolate both machines, otherwise the HTTP communication could be sniffed.
Can you run a Selenium server hub behind nginx, to proxy port 443/ssl (or 80 without) to localhost:4444 where Selenium server is bound? My remote nodes won't connect to Selenium server behind nginx, only if I specifically open port 4444 in the firewall and bypass nginx do remote nodes connect.
Not sure if nginx handles this. I imagine the problem is more that your network firewall blocks ports outside 443 and certain others, and expects all traffic to go via HTTPS.
Get your network administrators to allow a punch-through for port 443.
Host your CI platform behind the firewalled network
Look for an alternate way to access the application nodes -- some firewalled networks allow access to public nodes from a private network via a different IP/hostname from the normal ones
I don't think you could really run Selenium on, say, port 80, because the selenium server itself is not quite really a web service.
it's maybe a bit late for answering the question of #xref. However, I have just deployed my Selenium Grid behind Nginx.
In order to do so, I used Docker and Docker-Compose. I describe how to do it here
I hope it will be helpful for you.
I have created a web application in glassfish and I can access it on my LAN.
How can I access the web application from a remote location over internet?
I do not have static IP.
Please reply.
Thanks.
Steps :
Creating virtual DNS(Domain name server) Server on your machine.
Port Forwarding.
Reference https://cookbook.fortinet.com/port-forwarding-60/
Remote Desktop Connection enabling.
Creating Inbound Rules. Reference :
https://www.howtogeek.com/112564/how-to-create-advanced-firewall-rules-in-the-windows-firewall/
Creating account on www.noip.com and create custom host and download DUC (Dynamic Update Client) Software.
Some more steps may have it depends on your LAN Router and firewall configuration.Use http://ifconfig.me/ to get your public ip.
Access from outside your machine should be configured by default. You may check if it is so in admin console, at Configurations->server-config->Network config->Listenters. There should be one listening on the desired port (like 8080) and be bound to 0.0.0.0 address.
To easily access something behind a dynamic ip you need something like http://www.noip.com/ or http://www.dnsomatic.com/ (I took these from my router's control panel)
I did this recently,
first you need to use port forwarding on your router, access it by typing your default gateway path, mine was 192.168.0.1 then go to "advanced settings -> Port forwarding". Simply enter the details that are asked for, I set mine to HTTP using port 8080, yours might be different. Protocol is TCP. The IP address it asks for is your local address.
For quick testing you can disable the firewall on your machine and then you can search on google for your Public IP address by typing "what is my IP".
Then type your ip into the browser and the port number "ipAddress:portNumber"
You should see the glassfish welcome screen if it is successful.
After that you might want to enable your firewall again but then you have to add an inbound rules to allow the port to be used:
Setting Windows inbound rules
Then you still have one last step to perform, allowing glassfish to access the resources on your machine: Adding glassfish to allowed programs
Follow the instructions on adding java.exe only.
I have a server running on my machine. I want to send a request to the server using different IP address to test a web application. I only have the machine on which the server is installed. I have been testing as a single user but now I would like to let the server think that the request is coming from a different ip address even though it is from the same machine. How can I do that?
Here are the 2 solutions that might be possible in your situation
1- To change the ip address :
Pick an ip from the free proxies here: http://www.freeproxylists.net/
And enter the info in firefox just like this page says:
http://www.wikihow.com/Enter-Proxy-Settings-in-Firefox
Note: You may pick a proxy with port 80.
Then you are good to go...
2- Or you might use a Virtual Machine installed on the same computer as the server and access the website right from it but beware not to use bridged connection.
I'm using Windows Vista, I have Apache installed already. Apache is working great, but I want to allow my website to be viewed publicly.
When I entered my ip address(the one hosting the website) on other computers, the page doesn't show up. It just loads but don't show up.
How can I edit my httpd to allow everyone to have access to my website?
Thanks
-- EDITED
Yes, I forwarded it already. Here's the screenie:
alt text http://www.picamatic.com/show/2009/02/26/09/29/2470958_522x128.jpg
Is it correct way? Or do i need to change the port?
You will need to configure the server's firewall to allow incoming connections, and your router to forward connections to the servers.
Also be aware that many ISPs block incoming port 80 connections to avoid having their customers host their own sites (Check your ISP's contract, you may be violating it by hosting a web server)
It's possible to set your router to use a different port and forward it as port 80 to your server if your ISP is blocking port 80. Check with your router's user's manual about forwarding ports. Some routers might not support changing the incoming port to a different one, in which case you would have to change the port Apache runs on as well.
From your screen shot set the public port to something other than 80 (by convention use a port between 1024–49151), and leave the private port to 80.
Also, make sure you're using your public IP on other clients. Do not use the 192.168.. addresses, they're meant only for private networks.
Outside users should then be able to use the link http://[your public router IP]:[new port] to connect.
Be sure if you are using any type of router that you enable "IP forwarding" otherwise your server remains hidden behind it.
This option can be changed on the configuration webpage for the router.
`bstpierre' is correct in that some ISP's block port 80. I use port 8080 myself. Good luck!