Node.js EACCES error when listening on http 80 port (permission denied)

javascript node.js http express permission-denied
Meet Mehta picture Meet Mehta · Apr 25, 2014 · Viewed 35.3k times · Source

Node.js throws following error while running on http port 80 (default port):-

Error: EACCES, Permission denied
    at Server._doListen (net.js:1062:5)
    at net.js:1033:14
    at Object.lookup (dns.js:132:45)
    at Server.listen (net.js:1027:20)
    at [object Context]:1:3
    at Interface.<anonymous> (repl.js:150:22)
    at Interface.emit (events.js:42:17)
    at Interface._onLine (readline.js:132:10)
    at Interface._line (readline.js:387:8)
    at Interface._ttyWrite (readline.js:564:14)

I figured out that node needs to have root access.

Conventionally we avoid giving root access in normal situation. What's the best practices for using it on port 80 (or port<1024).

This link has the same question but it has only one answer i.e. PREROUTING. While my solution provides other ways as well.

I am writing this to have all answers at one location, as I have to go thorough other resources than PREROUTING. Why not all answers at one location for sharing the knowledge

Answer

Meet Mehta picture Meet Mehta · Apr 25, 2014

FYI: You cannot run socket on ports < 1024 with normal user permission. You need to have root access for it.

There are total 3 ways to solve the error:-

1. Give root access and run it (which is usual one)

2. Redirect to other port

sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3000

Then launch my Node.js on port 3000. Requests to port 80 will get mapped to port 3000.

You should also edit your /etc/rc.local file and add that line minus the sudo. That will add the redirect when the machine boots up. You don't need sudo in /etc/rc.local because the commands there are run as root when the system boots.

Reference Link

3. Give Normal user capability of using sockets as root

Objective:- We are not providing full root access and only giving socket_root permission to access it by normal user to run your server on any port.

we do NOT want to run your applications as the root user, but there is a hitch: your safe user does not have permission to use the default HTTP port (80). You goal is to be able to publish a website that visitors can use by navigating to an easy to use URL like http://localhost.

Unfortunately, unless you sign on as root, you’ll normally have to use a URL like http://localhost:3000 - notice the port number.

A lot of people get stuck here, but the solution is easy. There a few options but this is the one I like. Type the following commands:

sudo apt-get install libcap2-bin
sudo setcap cap_net_bind_service=+ep `readlink -f \`which node\``

Now, when you tell a Node application that you want it to run on port 80, it will not complain.

Reference Link

General Info Reference link from apache

Related questions

Error: request entity too large

I'm receiving the following error with express: Error: request entity too large at module.exports (/Users/michaeljames/Documents/Projects/Proj/mean/node_modules/express/node_modules/connect/node_modules/raw-body/index.js:16:15) at json (/Users/michaeljames/Documents/Projects/Proj/mean/…

Read More
Difference between res.send and res.json in Express.js

What is actual difference between res.send and res.json as both seems to perform same operation of responding to client.

Read More
Empty body in fetch post request

i'm struggling with the fetch API in javascript. When i try to POST something to my server with fetch, the request body an empty array. But when i use Postman it works... Here is my server code in NodeJS : const …

Read More