Note: I have tested this with firewalls on and off. This is all remote server to server code (there is no browser). I am using ws on centos7.
I have websocket using a https.server
on my good website (good.com who's ip is 77.77.777.7) that does .listen(8000,'good.com')
and successfully allows both good.com's clients and bad.com's clients to connect with new ws(wss://good.com:8000)
In my good.com server code I get the ips
77.77.777.7 connected
66.66.666.6 connected
In good.com's terminal I type
netstat ltn
tcp 0 0 77.77.777.7:8001 0.0.0.0:* LISTEN
That's expected to happen!
But, then I have my bad behaving website (bad.com who's ip is 66.66.666.6) which has the same code. bad.com does .listen(8000,'bad.com')
and any clients do new ws(wss://bad.com:8000)
In my bad.com server code I get the ips
127.0.0.1 connected
... while good.com's request to open a websocket to bad.com times out! So In bad.com's terminal I type
netstat ltn
tcp 0 0 127.0.0.1:8001 0.0.0.0:* LISTEN
If I force bad.com's listen to be .listen(8000,'66.66.666.6')
Then good.com times out while bad.com gets Error: connect ECONNREFUSED 127.0.0.1:8000
Alternatively if I force bad.com's listen to be .listen(8000,'0.0.0.0')
Then good.com times out while bad.com's websocket connects but, In my bad.com server code I get the ips
127.0.0.1 connected
and bad .coms netstat ltn
shows
tcp 0 0 0.0.0.0:8001 0.0.0.0:* LISTEN
Lastly if I listen without any ip .listen(8000)
then good.com's clients timeout but, bad.com's clients connect as ip
::ffff:127.0.0.1 connected
and bad .coms netstat ltn
shows
tcp6 0 0 :::8001 :::* LISTEN
What I think might be happening
Something maybe miss-configured in Apache is telling bad.com 'your name is 127.0.0.1 localhost rather than 66.66.666.6'.
or some sort of node.js settings file(?) is prefering to run apps under localhost rather than the ip.
I don't think this problem is related to: Why is Node.js app accessible only from 127.0.0.1/localhost?
But I do think it is related to Cannot run my Node.Js app with my machine's IP address, but can with localhost
The correct code is listen(8000,'0.0.0.0')
for both sites! The problem was that POODLE attack was disabled on the good site so the bad site could not connect
In /etc/httpd/conf.d/ssl.conf
I commented out SSLProtocol all -SSLv2 -SSLv3
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.