This is a great question, and a fairly common concern. The first key is to move out of the mindset of forwarding it via DNS, which is what almost everyone thinks of first in the process. DNS is merely a name translated to IP, so 18.104.22.168:3000 after DNS = mydomain.com:3000, as DNS cannot mask a port.
(I’m using 22.214.171.124 as a sample IP address for this post)
The second key is to recognize how ports are masked by web browsers:
- https://mydomain.com = mydomain.com:443 = 126.96.36.199:443
- http://mydomain.com = mydomain.com:80 = 188.8.131.52:80
Web browsers mask ports 443 and 80 via https or http, as that value instructs the browser to connect on one of those two ports. So what you need to do is have your application served via port 443 (with SSL certificate) or port 80 (no SSL). One way to do this is to change your application configuration to make it listen on one of those ports. Another way is to use a reverse proxy. A reverse proxy takes in requests on port 80 or 443, pulls data from the other port, and serves it to the visitor over the common ports.
Here’s a tutorial for using Apache as a reverse proxy:
In this tutorial, you will set up Apache as a reverse proxy using the `mod_proxy` extension to redirect incoming connections to underlying application server(s) running on the same network. There are instructions on setting up a simple web app using the Flask framework to show how Apache interacts with the real application hidden behind it, but you can also follow this tutorial using your existing application server, if you have one.