Learn about our RFC process, Open RFC meetings & more.Join in the discussion! »


0.8.6 • Public • Published

safe-http-server: a command-line http server

safe-http-server is a simple, zero-configuration command-line http server, that only allows connections from localhost. It is powerful enough for production usage, but it's simple and hackable enough to be used for testing, local development, and learning.

This was forked from indexzero/http-server, and the -a command-line argument was disabled.

Installing globally:

Installation via npm:

 npm install safe-http-server -g

This will install safe-http-server globally so that it may be run from the command line.


 safe-http-server [path] [options]

[path] defaults to ./public if the folder exists, and ./ otherwise.

Installing as a node app

 mkdir myapp
 cd myapp/
 jitsu install safe-http-server

If you do not have jitsu installed you can install it via npm install jitsu -g


Starting safe-http-server locally

 node bin/safe-http-server

Now you can visit http://localhost:8080 to view your server

Deploy safe-http-server to nodejitsu

 jitsu deploy

You will now be prompted for a subdomain to deploy your application on

Available Options:

-p Port to use (defaults to 8080)

-a Address to use (defaults to

-d Show directory listings (defaults to 'True')

-i Display autoIndex (defaults to 'True')

-e or --ext Default file extension if none supplied (defaults to 'html')

-s or --silent Suppress log messages from output

--cors Enable CORS via the Access-Control-Allow-Origin header

-o Open browser window after starting the server

-c Set cache time (in seconds) for cache-control max-age header, e.g. -c10 for 10 seconds (defaults to '3600'). To disable caching, use -c-1.

-U or --utc Use UTC time format in log messages.

-P or --proxy Proxies all requests which can't be resolved locally to the given url. e.g.: -P http://someurl.com

-S or --ssl Enable https.

-C or --cert Path to ssl cert file (default: cert.pem).

-K or --key Path to ssl key file (default: key.pem).

-r or --robots Provide a /robots.txt (whose content defaults to 'User-agent: *\nDisallow: /')

-h or --help Print this list and exit.



npm i safe-http-server

DownloadsWeekly Downloads






Last publish


  • avatar