Goal (for if you have a better solution than my idea): Securely host a purely golang backend webapp on a domain that people don't have to type ":port number" to access. My current situation: I am learning golang, and want to create a golang http-server. (Yes, I know about nginx & reverse-proxy) Right now, my golang's web servers are serving on nonprivileged ports, e.g. 8080, instead of port: 80. (I'd like not to run the golang http server as root to run on a privileged port, but that's just me) I was wanting my golang http server to serve to port 8080 , and have the IPTables monitor port 80 and redirect port 80 requests to my golang server @ 8080 via SNAT. Hopefully I'm making myself clear. I've read some documentation on it, but I'm better at learning by example. Also, with everything on one droplet, I don't need the entire address SNAT'd, just the ports. Relevant environment info: Ubuntu 14.04 x64 golang 1.2.2 putty as my ssh client limited ubuntu xp