Connecting to Diffusion on Port 80


Diffusion 5.9

Diffusion 6.0

Diffusion 6.1

Diffusion 6.2

Diffusion 6.3

Diffusion Cloud


Connecting to Diffusion over port 80 instead of 8080 is a common request. This guide will work through a resolution to this problem.

Problem

You have a UNIX server and you would like your Diffusion server to be accessible over port 80 instead of 8080. This presents some problems.

  • On UNIX any ports lower than 1024 are privileged. Services using these ports must be run as root.
  • It is not recommended that Diffusion is run as root – therefore it cannot listen to any of the ports 80 (http) or 443 (https)
  • However externally you would like Diffusion accessible over these ports.

Resolution

iptables are used to re-route traffic from port 80 to 80, and port 443 to 8443 1. The following command will configure the machine to accept incoming connections to port 80.

iptables -A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT

2. The following will do the same for port 8080.

iptables -A INPUT -i eth0 -p tcp --dport 8080 -j ACCEPT

3. The final command will perform the rerouting.

iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080

These steps can then be repeated for ports 443 and 8443.

Warning: The iptables command is reserved for the root user. Please double check each command before submitting it as the impact for errors is high.