EC2 server port forwarding

In an EC2 server, my app is at MyIp:8080/app, and I have a domain name and I would like to forward the domain to the ip…

Two things:

  1. Using “A” in my domain registrar doesn’t take me to my ip number (it should take me to port 80 of my ip)
  2. Once there, how do I redirect the ip to port 8080/app?

Any help on these two issues?


IP addresses and DNS records don’t affect port numbers. You’ll need to run your server at port 80 instead or (most often better) redirect traffic coming to port 80 to 8080. See e.g. this excellent Jetty wiki page (most of the stuff is server agnostic).

I use an iptables-style solution on the servers I administrate. Just be sure to save the rule so your server survives a reboot.


It worked!! Thank you very much Matti…

Here’s what I did, in case needed:

  1. Forwarded my domain name to my IP using “A” in my registrar DNS record
  2. Typed
    /sbin/iptables -t nat -I PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080
  3. Exported my app as ROOT.war to my webapps folder
  4. Done!

Hope it helps…



I’m now entering to my app via
which I understand is port 443…do I redirect it in the same way? If I do that then it will be
and not

I currently have this in tomcat’s server.xml:

    <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" />

and I should also include:

    <Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" maxThreads="150" SSLEnabled="true" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keyAlias="server" keystoreFile="/home/user/www_myDomain_com.jks" keystorePass="password" />

But this is not working

Any ideas?


Is your certificate set up properly? Maybe there are some hints in your tomcat log?


Thank you very much Matti…
I managed to use
, but for some reason when I use
(or nothing, just, I get a download prompt window with an empty file, and my page gets nowhere, instead of redirecting to

My server.xml contains the following:

    <Connector port="8080" protocol="HTTP/1.1"
               redirectPort="8443" />

    <Connector port="8443" protocol="HTTP/1.1" maxHttpHeaderSize="8192" maxThreads="150"
               minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true"
               acceptCount="100" scheme="https" secure="true" SSLEnabled="true" clientAuth="false"
               sslProtocol="TLS" keyAlias="server"
               keystoreFile="/etc/tomcat7/www_myDomain_com.jks" keystorePass="password" />

Now, I also redirected the ports to 8443 and it doesn’t work:

    # iptables -t nat -L
    target     prot opt source               destination
    REDIRECT   tcp  --  anywhere             anywhere             tcp dpt:http redir ports 8443
    REDIRECT   tcp  --  anywhere             anywhere             tcp dpt:https redir ports 8443

Any idea on what is wrong here?


I don’t know about your specific setup, but we set the 8080 connector to redirect to port 443 as that’s the standard for HTTPS. We then let iptables NAT redirect 80 to 8080 and 443 to 8443:

    -A PREROUTING -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8443
    -A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080


Be sure your app’s web.xml includes a security constraint confidential if you’d like HTTP to auto-redirect to HTTPS, something like:

Entire Open eSignForms web app


Also, not sure about your SSL, but the key alias defaults to “tomcat” but I presume that keyAlias works if that’s how you set things up and you said https is working for you.

You can perhaps see more in our setup guide (see section on Tomcat and Linux):

Did that and worked!!!..thanks David!!!
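
The mismatch this thread ends up fixing (port 80 NAT-redirected onto the TLS connector, and `redirectPort` pointing at a port that NAT does not map), as an added example that is not part of the original posts: a Python check over `server.xml` and `iptables-save`-style rules. The sample configs are constructed from the ones quoted above, `audit` is a hypothetical helper, and it assumes only ports 80 and 443 are reachable from outside.

```python
import re
import xml.etree.ElementTree as ET

# Constructed inputs modelled on the thread's configs (not real server files).
BROKEN_XML = """<Server><Service name="Catalina">
  <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443" />
  <Connector port="8443" protocol="HTTP/1.1" scheme="https" secure="true" SSLEnabled="true" />
</Service></Server>"""
BROKEN_NAT = """\
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8443
-A PREROUTING -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8443"""
# The layout from the final reply: 80 -> 8080, 443 -> 8443, redirectPort 443.
FIXED_XML = BROKEN_XML.replace('redirectPort="8443"', 'redirectPort="443"')
FIXED_NAT = BROKEN_NAT.replace("--dport 80 -j REDIRECT --to-ports 8443",
                               "--dport 80 -j REDIRECT --to-ports 8080")

RULE = re.compile(r"--dport (\d+) .*-j REDIRECT --to-ports? (\d+)")

def audit(server_xml, nat_rules):
    """Return findings where NAT redirects and Tomcat connectors disagree."""
    connectors = {int(c.get("port")): c
                  for c in ET.fromstring(server_xml).iter("Connector")}
    tls = {p for p, c in connectors.items()
           if c.get("SSLEnabled", "false").lower() == "true"}
    nat = {int(m.group(1)): int(m.group(2))
           for m in map(RULE.search, nat_rules.splitlines()) if m}
    findings = []
    for ext, inner in sorted(nat.items()):
        if inner not in connectors:
            findings.append(f"port {ext} -> {inner}: no connector listens there")
        elif ext == 80 and inner in tls:
            findings.append(f"port 80 -> {inner}: plain HTTP sent to a TLS connector")
        elif ext == 443 and inner not in tls:
            findings.append(f"port 443 -> {inner}: HTTPS sent to a non-TLS connector")
    for port, c in sorted(connectors.items()):
        redirect = c.get("redirectPort")
        if port in tls or redirect is None:
            continue
        # Browsers follow redirectPort from outside, so it has to be a public
        # port that NAT maps onto a TLS connector (assumes only 80/443 are open).
        if nat.get(int(redirect)) not in tls:
            findings.append(f"connector {port}: redirectPort {redirect} "
                            "is not NAT-mapped to a TLS connector")
    return findings

if __name__ == "__main__":
    for name, cfg, nat in (("broken", BROKEN_XML, BROKEN_NAT),
                           ("fixed", FIXED_XML, FIXED_NAT)):
        print(name, audit(cfg, nat) or "consistent")
```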