Proxy, Port, and Firewall Issues with Shiny Server Preventing External Access to Web Apps?

[Ross K]

Hello, we are trying to make our web apps hosted on our own installation of Shiny Server (running on Red Hat Enterprise Linux with Apache) accessible to the general public via the internet.  We are a tiny part of a much larger organization and we do not have the authority to open ports ourselves or change firewall rules.  

We can access our apps on port 3838 (e.g., http://university.edu:3838/app1) as planned only when our organization's proxy (e.g., "proxy.university.edu" on port 8080) is off.  Similarly, we can only access RStudio on our server at, for example, http://university.edu:4151/auth-sign-in, with the proxy off.  

On the other hand, we can only access the default Red Hat Enterprise Linux Test Page (screenshot attached) at, for example, http://university.edu, when our organization's proxy is turned on.  From browser diagnostics, it looks like the connection to the Test Page is through port 80. 

Is there a clear solution - do we need to make sure ports 3838 and 4151 are open and accessible through the firewall?  Our main organization's IT folks had told us this was already done, but we are not sure given our experience.  Is there an alternative solution?  For instance, could we somehow make shiny server web apps accessible through port 80, since it appears that connections through that port are working?  Are there any other diagnostic steps you would suggest that might help us focus in on the right things?  

I am not an IT expert, so any help would be greatly appreciated!

Thank you,

Ross          

[Fereshteh Karimeddini]

Ross,

I am not an export in Apache, and also not familiar with how network and firewall is setup, but from what you have described it seems that ports 3838 and 4151 are not always blocked, but they get blocked by the proxy on port 8080. Would be good to know how the proxy is configured that is blocking other ports. 

Have you tried setting up a reverse proxy listening on port 3838? This is how people usually setup their Apache server to access applications that are running  on port 3838 via port 80. I am not sure this would work with your setup, but something to discuss with your IT department.

Let us know if we can help any further,

Fereshteh

[Ross K]

Hello Fereshteh, thank you for your help.  Thankfully, our organization-wide IT responded quickly and opened port 3838 inbound traffic from the internet to our server through the enterprise firewall and everything now works!