Run TheTHE on another port than 443

[MThibault]

Hello,

Sorry if this is not the right place. I am not able to run TheTHE on another port than 443. I have modified the docker-compose.yml (frontend section) and thethe_frontend/default.conf (listen PORT ssl;) but this does not seem to be enough.

Thanks for your help. Regards

[deibit]

Hello @MThibault

We have to add an option to let the user change the default port on start and not assume 443 is free (added for the next release).

Answering your question, the diff below should modify the external mapped port to 7433(HTTPS) and 7373(HTTP), feel free to change the ports. Remember, you have to restart the containers to apply the changes:

Please, give us feedback about this workaround.

Thanks.

diff --git a/docker-compose.yml b/docker-compose.yml
index a82db32..c4f2b64 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -36,8 +36,8 @@ services:
       - ./external/phishtank:/usr/share/nginx/html/static/phishtank
       - ./external/certs:/etc/nginx/certificates
     ports:
-      - 80:80
-      - 443:443
+      - 7373:80
+      - 7433:443
     depends_on:
       - server

[MThibault]

Hello @deibit

Thanks for your answer. Sorry for my late answer. I have run some tests on my server and inside a local VM without success.

But I can see that Docker is filling iptables, with a Docker Chain where the ports are dst:http qnd dst:https.

I wonder if this is not why I can't access the new port from my computer (TheTHE is running either in a VM or on a server).

I remain at your disposal for further testing.

Regards

[MThibault]

To complete my troubleshooting, when I perform an nmap from the server, scanning localhost or my server ip, ports are open, but when I perform the same scan from another computer, ports are closed.

Sorry I cannot help more

[deibit]

Sorry beforehand if I misunderstand your position.

The current configuration in repository bring two open ports that are exposed to your host machine (this is, the system which docker is running, If I recall correctly Docker expose all ports to its 0.0.0.0 by default). Now, you have to expose those mapped ports to the external network and it depends on the system your are running Docker.

We have some thethe installations that are running in a local network with the current configuration (even through a VM) and the ports are reachable. Do you mind to share details on you current setup (SOs, docker version, etc)?

Thanks!

[MThibault]

Thanks for your answer. I have "bridge" my VM, and I was able to access TheTHE. I will have to research why it is not working on my server.

my server has a public IP (so directly accessible from Internet). Debian 10.3 (Buster) Docker version 18.09.1, build 4c52b90

I will try something else and come back to you if any success. Thanks for your help.

EDIT: I already have nginx hosted (not using docker)

[MThibault]

Hello,

I am not an expert in Docker. I will start by installing it locally.

I believe this can be closed. Thanks for your help. It seems the tool is working very well.