Using authbind with Node.jsI'm writing a book through O'Reilly called “Distributed Systems with Node.js” that should be published in December 2020. Click here to get more information or to sign up for an announcement.
Deprecation Notice: In general, a Node.js application runs in one of two situations: either for local development or for production (or a facsimile of production). When doing local development, using a port number below 1024 isn't all that useful. When running in production, you should almost always use a reverse proxy instead (see Why should I use a Reverse Proxy if Node.js is Production-Ready? for more information). When this happens, the reverse proxy listens on the desired low port (like
:80). Because of this, I no longer recommend authbind, and instead recommend using a reverse proxy, with Node.js running as an underprivileged user.
After recommending a method for dropping root privileges in a previous post, the community gave a bunch of recommendations for alternative methods of doing the same thing. Several people mentioned authbind, which is a simple utility for running apps and giving them permissions to listen to the privileged ports (below 1024).
Here are some commands you can run to get authbind up and running on your Debian based server. I'm sure that if you have a different distro, you probably only need to change the installation line.
# Install authbind on Debian/Ubuntu sudo apt-get install authbind # Configure authbind sudo touch /etc/authbind/byport/80 sudo chown <USERNAME> /etc/authbind/byport/80 sudo chmod 755 /etc/authbind/byport/80 # Run simple node app authbind node server.js # Run node app with forever authbind --deep forever server.js