9

I am hosting a web app on amazon aws, using an ec2 instance.

On that instance i will be running only one application. using glassfish v3.0.1

I do not want to run the app using : 

www.mydomain.com:8080 or www.mydomain.com:8181

I just want to use : 

www.mydomain.com or https://www.mydomain.com

so i changed the http-listener-1 and http-listener-2 on glassfish to run on ports (respectively) 80 and 443.

Is this considered bad practice? i'm a software engineer and I usually do not deal with server admin stuff thus not too experienced in those things.

thanks for any guidance.

Andrew B
  • 31,858
  • 12
  • 90
  • 128
ccot
  • 181
  • 2
  • 11
  • Don't bind a web application service directly to port 80 or 443. Doing so implies that you're running a public-facing service as `root`, which is never a good idea. – Skyhawk Aug 09 '16 at 17:54

1 Answers1

14

You could do it, but you are going to run into performance problems first, and security problems second.

Having a "normal" high performance web server answering on port 80/443 and proxying requests to your app server is the way things are usually done. The "normal" server can handle things like static images, JavaScript and CSS much more easily than GlassFish, improving performance. It also will have numerous options for access control, caching, etc.

The Internet is full of sample configurations for setting up a web server (e.g. nginx or Apache) in front of GlassFish, Jetty, Tomcat, or whatever app server you want to use. Depending on whose EC2 AMI you use, one of these web servers may already be pre-configured and ready to go.

Michael Hampton
  • 237,123
  • 42
  • 477
  • 940
  • 3
    +1 for illuminating the benefits of a dedicated front door. Let's add: rolling upgrades, load-balancing, and particularly with AWS the full suite of toys: Elastic Load Balancer, Elastic Beanstalk, CloudFront, etc. – khoxsey Aug 01 '12 at 22:27