I am trying to run a Flask website using HTTPS. The website worked perfectly using HTTP, but once I added a certificate I can no longer connect to it.
from flask import Flask
app = Flask(__name__)
#app.route('/')
def hello():
return '<b>hello world!'
if __name__ == '__main__':
# The following line is one option I tried.
# app.run(ssl_context='adhoc', host='0.0.0.0', port='80')
# The following line is another option I tried.
# app.run(ssl_context=('cert.pem', 'key.pem'), host='0.0.0.0', port='80')
# The following line works totally fine, but is not HTTPS.
app.run('0.0.0.0', '80')
All the code is in a file called main.py which I am running on a Ubuntu machine with the command sudo -E python3 main.py.
Running with app.run('0.0.0.0', '80') gives me this output (which is normal, and I can connect):
* Serving Flask app 'main' (lazy loading)
* Environment: production
WARNING: This is a development server. Do not use it in a production deployment.
Use a production WSGI server instead.
* Debug mode: off
* Running on all addresses (0.0.0.0)
WARNING: This is a development server. Do not use it in a production deployment.
* Running on http://127.0.0.1:80
* Running on http://192.168.1.34:80 (Press CTRL+C to quit)
Running with either other option gives me this output (which is normal, but I CAN'T connect):
* Serving Flask app 'main' (lazy loading)
* Environment: production
WARNING: This is a development server. Do not use it in a production deployment.
Use a production WSGI server instead.
* Debug mode: off
* Running on all addresses (0.0.0.0)
WARNING: This is a development server. Do not use it in a production deployment.
* Running on https://127.0.0.1:80
* Running on https://192.168.1.34:80 (Press CTRL+C to quit)
Extra Information:
I was following a very helpful tutorial here: https://blog.miguelgrinberg.com/post/running-your-flask-application-over-https, and it seems like everything is working as intended (which is why I came to Stack Overflow to ask this question).
I have pyopenssl installed.
I ran openssl req -x509 -newkey rsa:4096 -nodes -out cert.pem -keyout key.pem -days 365 and it executed fine. The cert.pem and key.pem files were (I assume) correctly generated.
SSL usually runs via port 443, so changing it to that might fix the problem. If you look closely in the tutorial, they haven't defined it at all and let Flask figure out where to run itself.
If your browser simply tells you that "Your connection is not private" or "Can't verify certificate" or something along those lines, you can usually skip that message. But should use something like Let's Encrypt if you wanna go public with your WebApp.
This question already has an answer here:
How does docker network work?
(1 answer)
Closed 1 year ago.
I have created a flask api and hosted it as a docker image. The dockerfile of the image looks like this:
FROM pymesh/pymesh:latest
WORKDIR /apiapp
RUN pip install flask
EXPOSE 5000
COPY . /apiapp
ENV FLASK_APP=feature_extract_api.py
# ENTRYPOINT ['/bin/bash']
CMD ["flask", "run", "--host", "0.0.0.0"]
The app.run() inside the original python file looks like this:
if __name__=='__main__':
app.run()
The terminal while running the docker container shows this:
(dockerenv) D:\Siemens\Docker Pymesh API>docker run -p 5000:5000 pymeshapi:trial
* Serving Flask app 'feature_extract_api.py' (lazy loading)
* Environment: production
WARNING: This is a development server. Do not use it in a production deployment.
Use a production WSGI server instead.
* Debug mode: off
* Running on all addresses.
WARNING: This is a development server. Do not use it in a production deployment.
* Running on http://172.17.0.2:5000/ (Press CTRL+C to quit)
However, when I go to the link http://172.17.0.2:5000/, I get no response. But when I run
http://localhost:5000/, I get a valid response.
Why is this happening?
Thank You
The 'trick' with using the bridge network IP address doesn't work on Windows, due to how it runs Docker.
The recommended way is to map the port and use localhost.
I'm not sure if this is Flask specific, but when I run an app in dev mode (http://localhost:5000), I cannot access it from other machines on the network (with http://[dev-host-ip]:5000). With Rails in dev mode, for example, it works fine. I couldn't find any docs regarding the Flask dev server configuration. Any idea what should be configured to enable this?
While this is possible, you should not use the Flask dev server in production. The Flask dev server is not designed to be particularly secure, stable, or efficient. See the docs on deploying for correct solutions.
The --host option to flask run, or the host parameter to app.run(), controls what address the development server listens to. By default it runs on localhost, change it to flask run --host=0.0.0.0 (or app.run(host="0.0.0.0")) to run on all your machine's IP addresses.
0.0.0.0 is a special value that you can't use in the browser directly, you'll need to navigate to the actual IP address of the machine on the network. You may also need to adjust your firewall to allow external access to the port.
The Flask quickstart docs explain this in the "Externally Visible Server" section:
If you run the server you will notice that the server is only
accessible from your own computer, not from any other in the network.
This is the default because in debugging mode a user of the
application can execute arbitrary Python code on your computer.
If you have the debugger disabled or trust the users on your network,
you can make the server publicly available simply by adding
--host=0.0.0.0 to the command line:
$ flask run --host=0.0.0.0
This tells your operating system to listen on all public IPs.
If you use the flask executable to start your server, use flask run --host=0.0.0.0 to change the default from 127.0.0.1 and open it up to non-local connections.
If you run the server you will notice that the server is only
accessible from your own computer, not from any other in the network.
This is the default because in debugging mode a user of the
application can execute arbitrary Python code on your computer.
If you have the debugger disabled or trust the users on your network,
you can make the server publicly available simply by adding
--host=0.0.0.0 to the command line:
$ flask run --host=0.0.0.0
This tells your operating system to listen on all public IPs.
Reference: https://flask.palletsprojects.com/quickstart/
Try this if the 0.0.0.0 method doesn't work
Boring Stuff
I personally battled a lot to get my app accessible to other devices(laptops and mobile phones) through a local-server. I tried the 0.0.0.0 method, but no luck. Then I tried changing the port, but it just didn't work. So, after trying a bunch of different combinations, I arrived to this one, and it solved my problem of deploying my app on a local server.
Steps
Get the local IPv4 address of your computer.
This can be done by typing ipconfig on Windows and ifconfig on Linux
and Mac.
Please note: The above step is to be performed on the machine you are serving the app on, and on not the machine on which you are accessing it. Also note, that the IPv4 address might change if you disconnect and reconnect to the network.
Now, simply run the flask app with the acquired IPv4 address.
flask run -h 192.168.X.X
E.g. In my case (see the image), I ran it as:
flask run -h 192.168.1.100
On my mobile device
Optional Stuff
If you are performing this procedure on Windows and using Power Shell as the CLI, and you still aren't able to access the website, try a CTRL + C command in the shell that's running the app. Power Shell gets frozen up sometimes and it needs a pinch to revive. Doing this might even terminate the server, but it sometimes does the trick.
That's it. Give a thumbs up if you found this helpful.😉
Some more optional stuff
I have created a short Powershell script that will get you your IP address whenever you need one:
$env:getIp = ipconfig
if ($env:getIp -match '(IPv4[\sa-zA-Z.]+:\s[0-9.]+)') {
if ($matches[1] -match '([^a-z\s][\d]+[.\d]+)'){
$ipv4 = $matches[1]
}
}
echo $ipv4
Save it to a file with .ps1 extension (for PowerShell), and run it on before starting your app. You can save it in your project folder and run it as:
.\getIP.ps1; flask run -h $ipv4
Note: I saved the above shellcode in getIP.ps1.
Cool.👌
Add host='0.0.0.0' to app.run`.
if __name__ == '__main__':
app.run(host='0.0.0.0', port=5000)
If you get OSError: [WinError 10013] An attempt was made to access a socket in a way forbidden by its access permissions on Windows, you either don't have permission to use the port, or something else is using it which you can find with netstat -na|findstr 5000.
Check whether the particular port is open on the server to serve the client or not?
in Ubuntu or Linux distro
sudo ufw enable
sudo ufw allow 5000/tcp //allow the server to handle the request on port 5000
Configure the application to handle remote requests
app.run(host='0.0.0.0' , port=5000)
python3 app.py & #run application in background
If your cool app has it's configuration loaded from an external file, like in the following example, then don't forget to update the corresponding config file with HOST="0.0.0.0"
cool.app.run(
host=cool.app.config.get("HOST", "localhost"),
port=cool.app.config.get("PORT", 9000)
)
If you're having troubles accessing your Flask server, deployed using PyCharm, take the following into account:
PyCharm doesn't run your main .py file directly, so any code in if __name__ == '__main__': won't be executed, and any changes (like app.run(host='0.0.0.0', port=5000)) won't take effect.
Instead, you should configure the Flask server using Run Configurations, in particular, placing --host 0.0.0.0 --port 5000 into Additional options field.
More about configuring Flask server in PyCharm
You can also set the host (to expose it on a network facing IP address) and port via environment variables.
$ export FLASK_APP=app.py
$ export FLASK_ENV=development
$ export FLASK_RUN_PORT=8000
$ export FLASK_RUN_HOST=0.0.0.0
$ flask run
* Serving Flask app "app.py" (lazy loading)
* Environment: development
* Debug mode: on
* Running on https://0.0.0.0:8000/ (Press CTRL+C to quit)
* Restarting with stat
* Debugger is active!
* Debugger PIN: 329-665-000
See How to get all available Command Options to set environment variables?
Go to your project path on CMD(command Prompt) and execute the following command:-
set FLASK_APP=ABC.py
SET FLASK_ENV=development
flask run -h [yourIP] -p 8080
you will get following o/p on CMD:-
Serving Flask app "expirement.py" (lazy loading)
Environment: development
Debug mode: on
Restarting with stat
Debugger is active!
Debugger PIN: 199-519-700
Running on http://[yourIP]:8080/ (Press CTRL+C to quit)
Now you can access your flask app on another machine using http://[yourIP]:8080/ url
For me i followed the above answer and modified it a bit:
Just grab your ipv4 address using ipconfig on command prompt
Go to the file in which flask code is present
In main function write app.run(host= 'your ipv4 address')
Eg:
Create file .flaskenv in the project root directory.
The parameters in this file are typically:
FLASK_APP=app.py
FLASK_ENV=development
FLASK_RUN_HOST=[dev-host-ip]
FLASK_RUN_PORT=5000
If you have a virtual environment, activate it and do a pip install python-dotenv .
This package is going to use the .flaskenv file, and declarations inside it will be automatically imported across terminal sessions.
Then you can do flask run
This answer is not solely related with flask, but should be applicable for all cannot connect service from another host issue.
use netstat -ano | grep <port> to see if the address is 0.0.0.0 or ::. If it is 127.0.0.1 then it is only for the local requests.
use tcpdump to see if any packet is missing. If it shows obvious imbalance, check routing rules by iptables.
Today I run my flask app as usual, but I noticed it cannot connect from other server. Then I run netstat -ano | grep <port>, and the local address is :: or 0.0.0.0 (I tried both, and I know 127.0.0.1 only allows connection from the local host). Then I used telnet host port, the result is like connect to .... This is very odd. Then I thought I would better check it with tcpdump -i any port <port> -w w.pcap. And I noticed it is all like this:
Then by checking iptables --list OUTPUT section, I could see several rules:
these rules forbid output tcp vital packets in handshaking. By deleting them, the problem is gone.
I had the same problem, I use PyCharm as an editor and when I created the project, PyCharm created a Flask Server. What I did was create a server with Python in the following way;
basically what I did was create a new server but flask if not python
I hope it helps you
This finally worked for me.
import os
Then place this at the end of your python app.py or main file.
if __name__ == "__main__":
port = int(os.environ.get("PORT", 5000))
app.run(host='0.0.0.0', port=port)
go to project path
set FLASK_APP=ABC.py
SET FLASK_ENV=development
flask run -h [yourIP] -p 8080
you will following o/p on CMD:-
* Serving Flask app "expirement.py" (lazy loading)
* Environment: development
* Debug mode: on
* Restarting with stat
* Debugger is active!
* Debugger PIN: 199-519-700
* Running on http://[yourIP]:8080/ (Press CTRL+C to quit)
If none of the above solutions are working, try manually adding "http://" to the beginning of the url.
Chrome can distinguish "[ip-address]:5000" from a search query. But sometimes that works for a while, and then stops connecting, seemingly without me changing anything. My hypothesis is that the browser might sometimes automatically prepend https:// (which it shouldn't, but this fixed it in my case).
In case you need to test your app from an external network.
Simply serve it to the whole Internet with ngrok.com
which will deploy it like a dev server but in no time and locally, saved me a lot of time, and no, I'm not related to that company :)
Just make sure to change the port in your flask app:
app.run(host='0.0.0.0', port=80)
I have a flask app that runs a couple of things based on the user call. In this app, I also have one basic endpoint that just returns a string which would help me to see if the app is running or not.
#app.route("/hello")
def hello():
return "Hello World!"
Now I tried to dockerize this app using this tutorial from the official docker site. The flask app listens on the port 5000 and so I added an entry in my Dockerfile to expose the port 5000.
EXPOSE 5000
And the command that I am using in the Dockerfile to run the app is
CMD ["python","model.py"]
model.py file has the flask code that calls other functions based on the user input.
Now when I run my app after containerizing it, I see the required output on the terminal that the flask app is indeed running. This is the command that I used to run the app.
docker run -p 5000:5000 firstContainer
When I try to call the basic helloWorld method above by using the request http://localhost:5000/hello, I get an error message saying that the site is unavailable. Is there anything that I am doing wrong wrt the port mappings here? How do I fix this issue ?
EDIT: Adding more details
So I tried to go into the container to see what's happening and I was able to view the files that were available on the container and they look good. When I tried to start the app again in the container using the base command
python model.py
it returned an error saying that the port is already in use. So this should mean that the app is indeed listening on the port. I also installed curl inside the container to browse the URL and it returned the expected string when I ran it inside the container. I just don't understand how I can expose it to outside world
EDIT 2:
Container logs
* Serving Flask app "model" (lazy loading)
* Environment: production
WARNING: Do not use the development server in a production environment.
Use a production WSGI server instead.
* Debug mode: on
The problem is the server defaults to answer internal requests only. You have two options.
You can set the host programatically to:
0.0.0.0
Use the CMD:
flask run --host=0.0.0.0`
Tip: There is also a container running flask behind ngnix out-of-the-box.
try this :
docker run --rm -it --network=host -p 5000:5000 firstContainer
the problem is probably related to networking. so --network=host connects the container to underlying host.
I have the same issue on my Flask App in the docker container. I have used --network=host and resolved the issue.
# docker run -it -p 8080:8080 --network=host mbilgen/metacriticv3:1.0
WARNING: Published ports are discarded when using host network mode
* Serving Flask app "main" (lazy loading)
* Environment: production
WARNING: Do not use the development server in a production environment.
Use a production WSGI server instead.
* Debug mode: on
* Running on http://127.0.0.1:8080/ (Press CTRL+C to quit)
* Restarting with stat
* Debugger is active!
* Debugger PIN: 258-420-336
127.0.0.1 - - [12/May/2019 03:55:08] "GET / HTTP/1.1" 200 -
127.0.0.1 - - [12/May/2019 03:55:13] "GET /games HTTP/1.1" 200 -
INFO:werkzeug:127.0.0.1 - - [12/May/2019 03:55:13] "GET /games HTTP/1.1" 200 -