Robotbugs Robotbugs - 8 months ago 59
Node.js Question

Best practices when running Node.js with port 80 (Ubuntu / Linode)

I am setting up my first

server on a
cloud Linux node
and I am fairly new to the details of
Linux admin
. (BTW I am not trying to use Apache at the same time.)

Everything is installed correctly, but I found that unless I use the
root login
, I am not able to listen on
port 80
with node. However I would rather not run it as root for security reason.

What is the best practice to:

  1. Set good permissions / user for node so that it is secure / sandboxed?

  2. Allow port 80 to be used within these constraints.

  3. Start up node and run it automatically.

  4. Handle log information sent to console.

  5. Any other general maintenance and security concerns.

Should I be forwarding port 80 traffic to a different listening port?



Port 80

What I do on my cloud instances is I redirect port 80 to port 3000 with this command:

sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3000

Then I launch my Node.js on port 3000. Requests to port 80 will get mapped to port 3000.

You should also edit your /etc/rc.local file and add that line minus the sudo. That will add the redirect when the machine boots up. You don't need sudo in /etc/rc.local because the commands there are run as root when the system boots.


Use the forever module to launch your Node.js with. It will make sure that it restarts if it ever crashes and it will redirect console logs to a file.

Launch on Boot

Add your Node.js start script to the file you edited for port redirection, /etc/rc.local. That will run your Node.js launch script when the system starts.

Digital Ocean & other VPS

This not only applies to Linode, but Digital Ocean, AWS EC2 and other VPS providers as well. However, on RedHat based systems /etc/rc.local is /ect/rc.d/local.