Is it bad practice to run a web application server directly on port 80/443

performance port domain-name glassfish

Solution 1:

You could do it, but you are going to run into performance problems first, and security problems second.

Having a "normal" high performance web server answering on port 80/443 and proxying requests to your app server is the way things are usually done. The "normal" server can handle things like static images, JavaScript and CSS much more easily than GlassFish, improving performance. It also will have numerous options for access control, caching, etc.

The Internet is full of sample configurations for setting up a web server (e.g. nginx or Apache) in front of GlassFish, Jetty, Tomcat, or whatever app server you want to use. Depending on whose EC2 AMI you use, one of these web servers may already be pre-configured and ready to go.

Related

Openfiler iSCSI performance
How do I prevent Apache from answering requests for domains I don't host?
Set up BIND9 as DNS Firewall
Do the SSH or FTP protocols tell the server to which domain I am trying to connect?
Do I need a RHEL subscription to install packages?
IPv6: differences between "routed prefix" and "link prefix"?
Accidently ran "chown www-data:www-data / -R" as root
How to run VMWare ESX or ESXi in a virtual machine?
What to look for in a server rack?
systemd: Grant an unprivileged user permission to alter one specific service
Debugger for Iptables
Preventing brute force attacks against ssh?