I’m new to creating web apps. Thanks for the help so far - got my first app running with Lifeboat (build 149) on a AWS Lightsail server. My app simply responds to JSON in a POST using App.HandleURL and responds with a Response.Write, send a reply JSON. I have ‘SSL Mode’ in Lifeboat set to ‘Force’ and all seems to work fine.
My question, I see in the IDE Build Settings > Shared > Port and ‘SSL Port’ fields are empty. Do or should I set these to something? By not entering anything here does this allow you to access the web app via any port or does Lifeboat handle this for me? Thanks again @Tim_Parnell for a great app.
Lifeboat handles that for you. If you set to force SSL your site can only be accessed at port 443 (https).
What Lifeboat does (among other things) is to configure Nginx as a reverse proxy that handles the SSL certificate and the connections from the browser, the Webapp also runs and Lifeboat configures the communication between Nginx and your Webapp(s) running on the server.
Lifeboat installs a firewall - firewalld on CentOS and ufw on Debian and Ubuntu. Initially, Lifeboat configures ports 80 and 443 open for inbound web requests and opens the currently active SSH port. All other inbound ports are closed. To protect the server from brute-force attacks, fail2ban intrusion prevention software is installed.
I’m sure that Tim will comment here soon, but I hope this information is helpful in the mean time.
As Alberto said, Lifeboat manages the port assignments for you. You won’t need to worry about any of that “under the hood” stuff, and your web apps will always (and only) be accessible like normal websites.
What’s going on behind the scenes is that Lifeboat is launching your app passing a port assignment by command line argument. This overrides the build setting, so even if you set something Lifeboat can still manage the app for you
Lifeboat configures the firewall to prevent accessing your web apps directly. When you set SSL to “Force” you can be sure someone is connected securely. You can check this with the Session.Secure property.
Hopefully this adds some more information to help understand what Lifeboat does. Alberto hit the nail on the head with the answers to both of your questions. I am extremely grateful for the community support while I am away!
