I have a single domain, which is pointed to the frontend(Reactjs) of the application hosted on cPanel. The backend(Nodejs) of the application is on a Linode VPS. The frontend of the application communicates with the backend through APIs.
Every thing was good in development phase but now in production the browser doesn't allows to use APIs with http (Was giving mixed content error) and to resolve this issue I changed it to HTTPS from HTTP and configured nginx with self signed certificate. Now I'm able to make requests from the browser using the IP Address of my server and I don't want to use domain for that but it shows the warning that the certificate is not trusted. How can I resolve this issue as I don't want to use another domain for the backend server.
Related
I currently have an https domain https://example.com hosted in a Windows Server R2019 machine. I am also developing a web application in Node.js in my laptop that will, in the future, be installed in the server.
Say I want to share my app with external parties that require https. During this test stage I will keep the web app in my laptop, instead of installing it in the server. In order to use the same SSL certificate assigned to https://example.com, would I be able to configure IIS to redirect a certain URL like https://example.com/myapp to my laptop's internal IP/PORT (192.168.xxx.xxx:port) where the app is hosted?
Thank you in advance.
I'm making a hobby project and it involves a NodeJS http server that I access via a web browser (through GET and POST requests). The HTML/CSS/JS part of the webpage is local, not on the NodeJS server.
I understand I need to generate SSL certificates but those ask for things like domain names and stuff.
I simply want to enable HTTPS on my NodeJS server. Right now I'm manually encrypting all messages sent back and forth through AES, but I trust the https security more, I'm not a cryptographer.
Is there an easy way to get those certificates? My NodeJS server is accessible via the internet but only by IP address (port forwarded), and through the express module using HTTP requests.
Do I need to pay for them?
In this case you can take services from Digital Ocean, you can buy subscription as per your choice and deploy your Nodejs app with free SSL certificate.(let's encrypt)
However I recommend you to understand following concepts
Reverse proxy (nginx)
Process managements (pm2)
SSL certificates
I am sure, You would love to go though with starter tutorials from DigitalOcean
https://www.digitalocean.com/community/tutorials/initial-server-setup-with-ubuntu-20-04
https://www.digitalocean.com/community/tutorials/how-to-install-nginx-on-ubuntu-20-04
https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-20-04
As Its a hobby project, otherwise I would have recommended other options.
I'm currently developing a full-stack web application + mobile app. I've pushed my API backend (node.js express) to an AWS EC2 instance.
Now I'm looking to create the frontend with React. As well as a landing page which I think will be just plain HTML (or even WordPress if possible?) to get it running asap.
Questions are:
should I upload all 3 to the same instance? if so how?
can I point my domain in a way where mydomain.com - serves the landing page, api.mydomain.com serves the backend for requests, and app.mydomain.com serves the react app.
This solution is entirely upto you here, if this is a personal project or one with a tight budget then yes you can put all applications onto the same server.
If you have a HTML only application then you could deploy that specific application to Amazon S3 with a CloudFront distribution in front to provide CDN functionality.
If you do run the applications on your server then you will need to ensure that the web server can resolve each set application individually through hostname for example Nginx uses server_name to define the web domain name for that vhost.
I would suggest if you're running all on the same box run each node application on a seperate port, then use Nginx as a proxy based on the domain name. More information on how to set this up is available here.
Finally add DNS records to target the host IP (or CNAME if you use CloudFront).
I have started creating my own nodejs app (for the first time) that I hope to deploy at some point, perhaps to Heroku or another platform.
I need for my app to encrypt traffic namely for user passwords and sessions (note there is no other obviously sensitive data).
I started looking into serving my app using HTTPS (SSL) however I am now wondering if I need this. If my app is to be hosted and deployed using Heroku/other platform won't all requests be trafficked through their servers presumably using HTTPS by default? I am guessing that the request will then be routed using HTTP to my application, although I am struggling to understand how this works. Ultimately I would like to know if I can ignore worrying about paying for SSL certification and such like when it will not matter in this hosting environment?
Help much appreciated. Matt.
If you are using heroku then you must be using paid dyno( hobby or professional) and heroku provides free SSL to all paid dynos. Furthermore if you think that at some point you can switch hosting then there is always freessl available via Let's encrypt.
Heroku serves all requests with and without SSL in default herokuapp url.
Use cloudflare free plan. Open a free account in cloudflare, Copy the DNS. Then set the DNS in your domain service provider (godaddy or sth), then change the Cname config for the website inside cloudflare. Now you have a free certificate.
In order to run HTTPS on my node.js application, I load the certificates within my application. It works fine on my laptop. I am now pushing my work on OpenShift, but the app does not work anymore (ligatures.net).
The Openshift [documentation][1] says certificates can be loaded via the web console. So do I need to load my SSL certificates within my application or should I rely on the web console instead?
You need to load the ssl certificates in the OpenShift web console, as the ssl termination happens on the proxy that is part of the node that your gear is on.