Hello - I am attempting to run BeepBeep through Mochiweb on Port 80. It works if I type sudo ./start_server.sh. Are there any security risks with running Mochiweb like this? If so how to remedy?
Thanks!
Hello - I am attempting to run BeepBeep through Mochiweb on Port 80. It works if I type sudo ./start_server.sh. Are there any security risks with running Mochiweb like this? If so how to remedy?
Thanks!
running any service as root has risk. It's hard to answer your question properly without more information though. Is this a production service or a dev instance you are running?
If production I would recommend running the mochiweb instance on a different port so it can run as a user and then using a proxy like nginx or apache to listen on 80 and forward the request.
You could start it on an unprivileged port and do port-forwarding in your firewall, so that port 80 goes to your unprivileged port.