This is one of those things that is much safer than it was before, and can probably be overturned. However nobody will actually do it out of fear, and these ports will be locked up for decades more.
goloroden•3mo ago
Sad but true.
arjvik•3mo ago
These days, you really don’t need multiple ports, reverse proxies that disambiguate via subdomain or path are incredibly easy to configure.
gnabgib•3mo ago
You've never needed, there's nothing new these days, just as many poorly configured apps that assume they're on a root path.
Reverse proxies are terrible to configure, add processing overhead to every request, violate security boundaries (cookies, localstore, CSP and other security headers are now shared) and introduce new bugs (rewrite didn't know a header, HTML element, JS variable, CSS text should/shouldn't be adjusted).
01HNNWZ0MV43FF•3mo ago
Yeah but if you have odd security needs and you don't want to terminate TLS in the cloud, you might not want that setup
MoltenMan•3mo ago
Genuinely asking: is it against HN ethos to leave a comment warning that this is LLM slop? If yes I can delete this comment. I just wish I had known before I clicked on the link.
FearNotDaniel•3mo ago
Hey ChatGPT, please summarize this ChatGPT generated blogpost to quickly reveal the one piece of actionable knowledge without burying it in layers of fake narrative, manufactured drama and internally-inconsistent pretence at self reflection. Thank you. Good bot.
1970-01-01•3mo ago
goloroden•3mo ago
arjvik•3mo ago
gnabgib•3mo ago
Reverse proxies are terrible to configure, add processing overhead to every request, violate security boundaries (cookies, localstore, CSP and other security headers are now shared) and introduce new bugs (rewrite didn't know a header, HTML element, JS variable, CSS text should/shouldn't be adjusted).
01HNNWZ0MV43FF•3mo ago