Help AWS ipfs connection refused

Hello I have an ec2 on AWS, I have created an IPFS server private because I need a private ipfs node.
If I connect to my aws shell and use curl to add a new file with
curl -X POST 127.0.0.1:5001/api/v0/add -F “file=@text.txt”

it work, but if I do the same from my client don’t.
I recive this message: curl: (7) Failed to connect to XX.XXX.XXX.XXX port 5001: Connection refused
I have open the 5001 port on firewall also on AWS. What I need to do?

The firewall on the local machine might be blocking 5001 as well. Check the local firewall.

Response copied from NAT configuration · Issue #939 · ipfs/ipfs-docs · GitHub

Your API port is exposed in your config file as /ip4/127.0.0.1/tcp/5001 (go-ipfs/config.md at master · ipfs/go-ipfs · GitHub) which means that it’s only listening on the local interface not whatever is exposed to the world. If you’d like you can change that to 0.0.0.0 or something else.

However , doing so will mean that anyone in the world would be able to control your node unless you add some level of protections in front (also given that you’re just using HTTP and not HTTPS the data will also not be encrypted as it’s sent over the wire between your machine and AWS). So definitely beware before doing this.

@thedarkknight197 responded with:

Thank you or your answer, I will try with 0.0.0.0, it’s not a problem because I will have a nodejs middleware that allow access and write data for only user authorized

Thanks @adin for noticing that I had missed that. I was thinking they were exposing the swarm address and overlooked that it was actually the API address since that’s what people are usually trying to expose.

You can also have it listen on a unix socket which I’m sharing because I recently learned you can do that and I feel much more comfortable with it setup that way. I’m guessing it’s not the default because they wanted the default to work on Linux and Windows.