Home > Uncategorized > Websocket, Firewall and Proxy oh my…

Websocket, Firewall and Proxy oh my…

You have already create a websocket apps for your realtime data ? That’s good.

Already tested and work on your localhost machine and LAN ? Great

How about deploy it into internet jungle ? What problem do you think will appear ?

The internet is very complex world. Take a look at this one.



You can dig deeper from this article. http://www.infoq.com/articles/Web-Sockets-Proxy-Servers. I quote some of the important thing you need to know.

Without any intermediary servers (proxy or reverse proxy servers, firewalls, load-balancing routers and so on) between the browser and the WebSocket server, a WebSocket connection can be established smoothly, as long as both the server and the client understand the Web Socket protocol. However, in real environments, lots of network traffic is routed through intermediary servers.


Today, most transparent proxy servers will not yet be familiar with the Web Socket protocol and these proxy servers will be unable to support the Web Socket protocol. In the future, however, proxy servers will likely become Web Sockets-aware and able to properly handle and forward WebSocket traffic.

there’s a some solution about that, but we doesn’t guarantee 100% success of websocket connection.

If an encrypted WebSocket Secure connection (wss://) is used, then in the case of transparent proxy servers, the browser is unaware of the proxy server, so no HTTP CONNECT is sent. However, since the wire traffic is encrypted, intermediate transparent proxy servers may simply allow the encrypted traffic through, so there is a much better chance that the WebSocket connection will succeed if an encrypted WebSocket connection is used.


If you have already visited and try this site. You will find this note that state the above problem too.

In some environments the WebSocket connection may fail due to intermediary firewalls, proxies, routers, etc. In that case take advantage of WebSocket’s secure capability and check Use secure WebSocket (TLS). Even if you have no issues you can still feel free to test using a secure connection.


So the conclusion is it’s better to create wss connection than plain ws, not only for security purposes but also to increase the success rate of websocket connection establishment.



Categories: Uncategorized
  1. February 28, 2013 at 2:31 pm

    One feature I think James Bond would have liked to see included is a
    rotating compass bezel on the face of the watch.
    In a solar panel you get the silicon surrounded by a
    protective material and the two are framed in a metal frame.
    Another way to determine estimation is to use a calculator on the internet.

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: