0

I have a question because I'm not sure how to approach this and don't know if my thinking is correct.

I have a Linux Server (CentOS/RHEL 7). On that server I have an application - r-shiny. It creates its own "web server" for displaying graphs. It creates it on port 3838 (with or without SSL - depends how I change the config files). I wanted to add a simple login page so I installed httpd with PHP to handle this. You login - the server forwards you to 3838. Works good - but not how I would like it. So I added a simple HTML page with iframe to load the graphs on port 3838 - not ideal, but the port 3838 is partly hidden (not visible until you go to the source of the page - in which it is of course obfuscated a tiny bit).

But I want to block it off completely - make the port 3838 not visible to the outside world.

I was thinking about setting up a reverse proxy to handle it all - you go to site at 80/443 which loads through reverse proxy a site from localhost on port 3838.

But I'm simply not sure if this way of thinking is correct.

Image with what I'm all about - first and second are the current setup. Third is what I would like to achieve.

Any thoughts would be nice to hear - or just pointers how to set it up more or less correctly.

Moorti
  • 3
  • 1
  • 2
    The reverse proxy approach is the norm for web applications of all types and languages (except PHP, for historical reasons, and Python, for other historical reasons). See [here](https://support.rstudio.com/hc/en-us/articles/213733868-Running-Shiny-Server-with-a-Proxy) for more info. – Michael Hampton Jul 17 '20 at 18:24
  • You also need to configure shiny to only be accessible from 127.0.0.1, otherwise it could still be accessed directly on port 3838. See https://support.rstudio.com/hc/en-us/articles/200552316-Configuring-the-Server. – Konrad Botor Jul 17 '20 at 19:31

0 Answers0