Topic on Project:Support desk

Best practice to hide the open port from node.js /parsoid API

4
Summary by AL Bremen

Change the parsoid listining interface.

AL Bremen (talkcontribs)

Hi, i have installed Mediawiki 1.29 on an Apache 2 with php7.0,mariadb and the extension Visualeditor.

The VisualEditor needs parsoid / node.js.

It works all fine.

But now i have an open Port (8000) with the API service.

How can i hide this port? Or how can i make it secure, that the api is not accessible from the internet?

It seems for me, that the visualEditor demo from the MediaWiki site dont have an extra Port open.

Is there a proxy between?

Nice greetings, André

Ciencia Al Poder (talkcontribs)

I haven't set up parsoid myself, but if this port is only used internally by MediaWiki and not requested from the browser, it should be restricted by a firewall. For example, allowing only connections from localhost (if it's set on the same server of MediaWiki) or from the server where MediaWiki is installed. On linux it can be done with iptables.

AL Bremen (talkcontribs)

THx for answer, i will try it and report after i tested.

AL Bremen (talkcontribs)

ok, i figured it out :) I dont need to block the port with a firewall.

I only change in the parsoid config.yaml the listining Interface to 127.0.0.1 and now there ist no open port.