Server Port and Host
The start command will scan your system and find a random port that is not currently in use to start the server on. This ensures that multiple embedded servers can run at the same time on the same host without collisions. Ensure any redirects in your applications take the port into account.

Any Port in the Storm

You may want to set a specific port to use-- even port 80 if nothing else is using it. Pass the HTTP port parameter to the start command like so:
1
start port=8080
Copied!
It is also possible to save the default port in your server.json. Add a web.http.port property, or issue the following command:
1
server set web.http.port=8080
2
server show web.http.port
Copied!
Now every time you start your server, the same port will be used.
If the server won't start or is unreachable, make sure it's port is free with your operating system's netstat command. On Unix-based OS's:
1
$> netstat -pan | grep 80
Copied!

HTTPS

You can start your server to listen for SSL connections too.
1
start SSLEnable=true SSLPort=443
Copied!
1
server set web.SSL.enable=true
2
server set web.SSL.port=8080
3
server show web.SSL.enable
4
server show web.SSL.port
Copied!

HTTP/2

HTTP/2 is a newer standard of HTTP supported by all modern browsers. HTTP/2 is enabled by default any time you are using an HTTP/HTTPS listener, however all major browsers will only allow the server to negotiate HTTP/2 over an HTTPS connection. HTTP/2 runs over the same port and only changes the exchange between the server and browser. You can disable HTTP/2 support like so:
1
server set web.http2.enable=false
Copied!
If you want to confirm whether your browser is using HTTP/2, you can open your debugging tools and look at the network requests. You may need to add the "protocol" column in the UI. HTTP/2 will usually show up as something like "h2" in the protocol column.

AJP

You can start your server to listen for AJP connections too.
1
start AJPEnable=true AJPPort=8009
Copied!
1
server set web.AJP.enable=true
2
server set web.AJP.port=8009
3
server show web.AJP.enable
4
server show web.AJP.port
Copied!

AJP Secret

CommandBox's AJP listener (provided by Undertow) is already protected against the Ghostcat vulnerability. However, if you would like to set up an AJP secret as well to ensure all requests coming into the AJP listener are from a trusted source, you can do by setting the web.ajp.secret property.
1
server set web.AJP.secret=mySecret
Copied!
For this to work, you must also configure your AJP proxy in your web server to send the same secret! For requests received to the AJP listener which do not contain the secret, a 403 status code will be returned. You can customize the output of the 403 page via the Error Pages settings.
The AJP secret is implemented via a Server Rule. Feel free to add your own server rule instead of this setting if you want to customize how it works.
1
equals(%p, 8009) and not equals(%{r,secret}, 'mySecret') -> set-error(403)
Copied!

A Gracious Host

Your application may rely on a specific host name other than the default of 127.0.0.1. You can set the host to anything you like, but you must add a host file entry that resolves your host name to an IP address assigned to your network adapter (usually 127.0.0.1)
1
start host=mycoolsite.local
Copied!
If you have multiple IP addresses assigned to your PC, you can bind the server to a specific IP using the host parameter.
1
start host=192.168.10.15 port=80
Copied!
A server configuration can only have one host entry. If you require your server to be available on multiple IP addresses of the machine it runs on, you can set the host to 0.0.0.0. This will effectively bind the server to all network interfaces (including local).
1
start host=0.0.0.0 port=80
Copied!
Or save in server.json
1
server set web.host=mycoolsite.local
2
server show web.host
Copied!
Most modern browsers allow you to make up any subdomain you want before localhost such as mySite.localhost and will simply resolve them to localhost (127.0.0.1) even without a hosts file entry. CommandBox now supports using these domains and will bind your server's ports to localhost even without using the commandbox-hostupdater module.
1
server set web.host=mySite.localhost
Copied!

Customize URL that opens for server

By default, CommandBox will open your browser with the host and port of the server. You can customize the exact URL that opens. This setting will be appended to the current host and port.
1
server set openBrowserURL=/bar.cfm
Copied!
Or you can completely override the URL if your setting starts with http://.
1
server set openBrowserURL=http://127.0.0.1:59715/test.cfm
Copied!
Last modified 8mo ago