Running on phabricator web GUI on additional port

Hi,

I need to forward the web interface via SSH tunnel to be able to access it from at home.
Example: ssh -L4443:phabricator.domain.com:443 gateway

I also redirected phabricator.domain.com to 127.0.0.1 in /etc/hosts to make this working.

Because 443 cannot be used locally without root permissions,
I changed it to be 4443. It works in general, but the website is only loaded partially,
because it still tries to use port 443 to load things dynamically.

I tried to change nginx config on the server side to run also on port 4443 and addition to 443
and then created the tunnel like this:
ssh -L4443:phabricator.domain.com:4443 gateway
I hoped this could fix it. But still the same problem.

What do I need to do to make phab working over 4443 instead of 443?
Or better in addition than instead if possible.

Thanks in advance.
Gerhard.

I found a workaround. It also needs root privileges, but just one time.
I installed the following iptables rule on my colleagues laptops to redirect all traffic on 443 to 4443.

/etc/rc.local:

iptables -t nat -I OUTPUT -p tcp -d 127.0.0.1 --dport 443 -j REDIRECT --to-ports 4443

This way I can locally connect on the usual https port, which get redirected to 4443,
which in turn gets forwarded through SSH to the internal phabricator webserver.

I still would be interested in a solution that works without this trick.

Are you just trying to access an https webserver that’s behind a firewall using ssh forwarding?

This is mostly solved using a SOCKS proxy, which most SSH clients support; Looks like just running ssh -D 9999 hostname will create a SOCKS proxy for you, and you can set your browser to use it.

thats also a valid solution, thx