Hi I have node js application. I run it locally as :
http.createServer(processRequest).listen(1337);
To rich my application in browser I need to write: localhost:1337/index.html
So I have 2 questions:
If I want to rich my application as www.myapp.dev/index.html instead of localhost:1337/index.html, what I need to change in my code?
I bought domain www.myserver.com, what I need to put in my app in order to do it work in this domain?
Thanks.
You need to change 1337 to 80 (technically you don't need to do that, you could run an proxy on port 80 instead).
Nothing
Your app isn't paying attention to the Host header, so it doesn't matter what Host header the browser sends.
Outside the app you will need to configure your DNS to point the hostname at your IP address.
Related
I have an app running on a server where I access using the servers ip. But now I need to have a subdomain configured in order to make an external API work but I have no clue of how achieve it.
Now I access to my server using IP -> XX.XXX.XXX.XXX:3000
And I need to change it for something like -> myapp.companyname.com
You don’t, because the Internet doesn’t work that way.
You create the subdomain by configuring the DNS server for the domain to point that subdomain at the IP address.
If you want to change the port number (from the default of 80 to 3000) without putting it in the URL itself, then you need to change the Node.js program or put a proxy server in front of it.
This is indeed a notorious problem with distributed web development. Presumably your API requires you to register your own hostname in some sort of allow-list, and then checks incoming requests for matches to that allow-list. (Why? Cybercreeps.)
You need to find out the IP address of your development machine (not 127.0.0.1, that's the loopback IP and every machine has it). It's OK if your development machine's address is on a private network, like '192.168.0.20for example. Give the commandifconfigand look for the address (it'sipconfig` on Windows).
You then need to put that IP address into a DNS server.
Here's a free way to do that.
Create a FreeDNS account by visiting https://freedns.afraid.org/
Click on Subdomains.
Click the Add link.
Create a subdomain hostname under one of FreeDNS's public domains. Maybe javier.ortega.mooo.com is a good choice
Put your machine's IP address into it.
Then, use https://javier.ortega.mooo.com:3000 to hit your development machine's nodejs app.
You can pay FreeDNS to register your own domain name and use that if you prefer.
The solution I needed was modifying the file hosts from -> system32/divers/etc/hosts and adding there the configuration relative to the ip - domain relation I was lookin for.
I am running a web application on Ubuntu, and serve it with http-server. Because there are more instances of this application running (with some differences between the instances), most of them have a portnumber behind them. However, I would like to have one root web application which now runs on example.com:1234 to be accesible on example.com
Are there any other ways to make this possible?
I have tried using the --proxy flag of http-server, but I can't seem to make the URL work. There is another package called http-proxy, but this would take some time to make it work (extra code). I hope there is a simpler solution than installing another node package.
Well I don't think you could change the port number, but if you want to change the host name you could just do the following,
/etc/hosts (or it's equivalents on other OS's) is used to resolve hostnames to some ip without asking to dns servers.
You can use in your /etc/hosts:
127.0.0.1 myserver.com
And then open http://myserver.com:3333 in your browser and it will connect to 127.0.0.1 to 3333 port.
I am talking about things locally. Otherwise host your server and bind it using ngnix.conf or IP tables.
If root web application is already running, if it facilitates changing port number you can change that to port number example.com:80, so that it will automatically picked up when you hit the URL with example.com.
I don't know if this question is the most appropriate way to ask it. But I am really confused on how Node.JS works. I consider myself an advance JavaScript user/developer but I cant get a knack on how to implement Node.JS as a replacement for PHP.
I have been used to developing sites with PHP as it's backend. But now I want to change to Node.JS. Now I'm really confused when watching tutorials about node. I've seen that it always needs cli to be open, and when a user visits your site, do they need to enter port number into the URL in order for the node script to work?
Another question (if I hadn't already asked a million of them) is node.js considered safe if I use it as backend and put my Database details into the script? I'm just confused because if you enter the app.js path into the URL, the user can see all it's content not like PHP.
Thank you in advance!
If you are a NodeJS beginner and looking to host your app somewhere I recommend using EvenNode or Heroku to host your simple node applications until you have a better understanding on how NodeJS works.
Some docs on node hosting on these platforms
EvenNode : docs
Heroku : docs
To answer your other questions :
when a user visits your site, do they need to enter port number into the URL in order for the node script to work?
It depends on your setup. You can choose to run your node application server on a specific port or can always opt to run it on port 443 (https) or port 80 (http) and the client certainly wouldn't need to specify a port in the host name.
is node.js considered safe if I use it as backend and put my Database details into the script?
Yes, NodeJS is safe. NodeJS is server side language just like Java, C#, Python, etc. It is safe so long as you don't expose any sensitive data, such as database connection information, publicly. The only reason you can view your app.js via (im assuming the browser) locally is because you are viewing it as a 'file://'. when this code is ran as a server, the server side code will not be viewable to the client.
You want a hosting with root access for Node.js.
So you want a VPS or Dedicated Server at GoDaddy.
The user does — not — have to enter the port always.
If you set it to 80 for http and 443 for https it works so.
You can have the main script in another directory.
Like that it is safe to enter database details.
The user cannot get the script then.
I have a website which is completely client-side. When it is in a testing environment, I use localhost for all links to other services: databases, report builders, etc.
When the website is deployed to apache2, for to go live, I have to manually change those link to the IP address of the server.
Is there any way in code to avoid doing this? Or, is the only way to automatically change them (grunt for example) during the deployment phase?
You could check the window.location object and put some conditional logic around the hostname, e.g. if (window.location.hostname == 'localhost') {}.
Although mixing environment specific / test-time code is typically a smell. Your hunch about this being a build/deploy time activity is probably the right way to go. The gulp-inject plugin is worth considering.
how I'd do it. (nginx)
run my application from server (you can access it via localhost on the server)
use nginx to serve the localhost application whenever a request comes to the server.
you can do the same with apache2:
i was about to write how to do it, but this website says it all: http://subinsb.com/linux-apache-localhost
I'm trying to develop a web app that uses javascript's geolocation functions. Since version 50, Google Chrome has blocked access to its geolocation functions for origins not using HTTPS. That's not a problem when I deploy my code to a production environment (which has a valid SSL cert), but for development I'm just using a hosts file entry to preview my code running on a local VM (specifically, Laravel's Homestead), which obviously doesn't have a valid SSL cert.
Is there a way to configure Google Chrome to permit access to the geolocation functions on my development VM, even though it's an "unsecure origin"? Alternatively, is there any way I can configure Homestead so that Chrome will believe that it's secure?
With your configuration (modifying hosts file to point the DNS of your domain to your machine), you can create a trusted certificate, using let's encrypt for example.
Just to mention it, http://localhost is considered secure, and chrome has a --unsafely-treat-insecure-origin-as-secure startup flag as mentioned by #4026 in his answer
The simplest answer to this question turns out to be that Homestead actually sets up self-signed certificates by default, so accessing your dev code via HTTPS works already, albeit with Chrome issuing an invalid certificate warning. However, if you accept that warning and agree to proceed to the insecure site anyway, Chrome allows the site to use Geolocation as though it were secure.
However, if that doesn't take your fancy, there are other options:
Set up Homestead with valid SSL certs
If you have a production webserver and control of a public domain name, you can use certbot to generate a trusted certificate on that server, and then copy the cert files to your Homestead box to use instead of the self-signed certs it auto-generates.
The disadvantage to this approach is that the certificates certbot generates are only valid for 90 days, so you'll need to repeat this process every three months (or any time you re-provision your Homestead box).
Add an A record to your DNS that directs the domain you want to use for development (say local-dev.yourdomain.com) to your production server.
Install certbot on the production server, and run certbot-auto certonly to generate a valid cert for local-dev.yourdomain.com.
Copy the files /etc/letsencrypt/live/local-dev.yourdomain.com/fullchain.pem and /etc/letsencrypt/live/local-dev.yourdomain.com/privkey.pem from your production server to your Homestead box.
Update your Homestead.yaml file to ensure that it directs requests for local-dev.yourdomain.com to the correct code directory on the box.
On your Homestead box, overwrite the files /etc/nginx/ssl/local-dev.yourdomain.com.crt and /etc/nginx/ssl/local-dev.yourdomain.com.keywith the fullchain.pem and privkey.pem files (respectively) that you downloaded in step 3.
Update the hosts file on your development machine to point local-dev.yourdomain.com to 192.168.10.10 (or whatever ip is specified in your Homestead.yaml file).
Access your site via https://local-dev.yourdomain.com and enjoy that hard-earned green padlock icon.
Explicitly configure Chrome to treat your (non-https) domain as secure
Chrome has a --unsafely-treat-insecure-origin-as-secure startup flag that can be used for this purpose, but it requires the use of a distinct user profile (settable via a second flag) in order to work.
From the Chromium wiki:
You can run chrome with the --unsafely-treat-insecure-origin-as-secure="http://example.com" flag (replacing "example.com" with the origin you actually want to test), which will treat that origin as secure for this session. Note that you also need to include the --user-data-dir=/test/only/profile/dir to create a fresh testing profile for the flag to work.
For development purposes, I use ngrok. You can get a secure tunnel to localhost. This allows to debug webhooks locally, test mobile apps or APIs with the backend mapped to http or https, really simple to install and use.
ngrok official site