Having issues running Nodejs and React side with IIS running HTTPS - node.js

I am having issues with running NodeJS as a backend for a React application (website) when utilizing HTTPS. The NodeJS runs on port 3001 waiting for requests. When React is running on IIS on HTTP and queries NodeJS (http://localhost:3001) everything is fine. However if I deploy SSL on the React application then the communication between React and NodeJS fails. I believe it is the security restriction of HTTPS and HTTP interacting.
The question then is, how do I run node on port 3001 but on HTTPS to deal with HTTPS origin requests?
I have looked at Reverse Proxy (https://dev.to/petereysermans/hosting-a-node-js-application-on-windows-with-iis-as-reverse-proxy-397b), looked at IISnode which doesn't seem to be supported anymore and read up on running NodeJS on HTTPS (which doesn't seem to be a viable solution).
Looking for any guidance and direction.
Much appreciated.

Ok, typical that 10 minutes after you ask, you figure it out.
This is how I resolved the issue and someone more knowledgeable might correct me.
On IIS you have your HTTPS React website
Create a second Website on IIS (that also has SSL installed so can be accessed through Https).
On this second website you install the reverse proxy solution (https://dev.to/petereysermans/hosting-a-node-js-application-on-windows-with-iis-as-reverse-proxy-397b) and route the requests to port 3001 on NodeJS application.
Effectively this means that the React application running on Https can now call NodeJS on Https (e.g. https://mynode.mysite.com) and the reverse proxy forwards the request to the NodeJS application on port 3001 (or the port that you are running NodeJs).
If I am wrong (this worked for me) or have gone the long route, please feel free to correct.
Thank you.

Related

Is it safe to open the Nodejs server port to the world?

A React app and Nodejs server which is used to retrieve and manipulate the data are running on the same server. When accessing the app locally it workes fine, but when accessed externally the app is visible but without data. The reason behind this is that the port on which the application is running is open but the port on which the Nodejs server is running is not.
My question is this, what is the best way to solve this issue? The simplest solution would be to open up the other port, but I am assuming that is not the most secure solution.
Any suggestions would be appreciated.
Open to port for the outside world and implement a token-based request verification system.
You can implement CSRF token verification. It always checks that request comes from a trusted source only.
Do this using a reverse proxy server, like nginx, to listen to the open https port. The reverse proxy will handle the https encryption, rather than burdening your nodejs code with it. nginx is multithreaded and can do https efficiently.
The reverse proxy passes along requests to your http://localhost:3000 nodejs. In my experience, this arrangement works very well at large scale.
Explaining how to do this is too much for a stack overflow answer. But you'll find plenty of online advice.

Local server http communication and angular browser rendering

I think I'm doing something completely the wrong way.
I have an Nodejs server running that read in a DB and serve with express some data via http locally (it has to only be accessed locally). It sends the data on localhost on some port (8080 for example). Then I have an angular app on the server that get these datas from an http request on localhost:8080 and display them. The angular app runs locally on localhost:4200.
I was building the entire stuff on my computer and that was working perfectly (I have no problem with CORS). Then I deployed it on a server, and I accessed it via ssh port forwarding. Basically I forward localhost:4200 on the server via ssh on my local computer on localhost:8090.
And my problem is that, when loading and executing the angular app in my browser via port redirection, it's doing a get request to localhost:8080. So it's trying to communicate with the localhost it's running on, which is the client itself.
If you understood my spaghetti situation, there is actually a dirty solution : redirect localhost:8080 on the server to localhost:8080 on the client.
Is there any way to do the get request server side and not in the client's browser so that localhost correspond to the server? Is there a better way to do what I'm trying to do?
I can sum up by : How can you access another local service on localhost on the server with angular app since it executes in the client browser and localhost will refer to client localhost.
Try to use any web server (such as nginx or apache2 or etc.) in your server and make use of proxy and reverse proxy with your node application, it will work
angular2-router-and-express-integration

how to access own Node.js server in https web site which deployed in nginx

i do deploy a website in nginx and translate it from http to https using let's cerbot before. it runs well.
My question is, in my website, i need to access my own Node.js Server using axios. As before, i used http, it goes well expect security.But now, below the Https connect, the browser blocks my http connect.So i tried update my Node Server to support Https connect using Self-signed SSL certificates, but the browser blocks it as well.
Who can tell me how can i fix this problem and make the site work well.Thank you!
You should setup nginx as reverse proxy for nodejs server

axios.post gives error on my VPS when sending post request locally to another app. Everything works fine on my local computer

So I have a Nginx configured to forward requests trough port 433 (SSL) to localhost:3000 where react is running, react shall in turn post requests to a Node.js app running on the same VPS (localhost:8080) to make a stripe payment.
Everything work fine so far. The frontend is rendering, SSL working.
But when the i run axios.post with the payment data from React it never reaches the Node (as far as my logs tell me).
I have CORS setup in node to accept a bunch of "localhost" variants and the actual domain itself.
Why is this not working?
Thanks!
I should have been poitning the React app to the Url of the api, not its local adress on my VPS sorry.

Node express from webserver

I have been developing a standalone app for an event exhibition. This comprised of a backbonejs frontend with a node express server backend for saving data. At the event this will run over localhost fine but how can I make the express server be accessed via normal http. I.e the backend responds when app is added to my webserver for client review
Any ideas.
G
Servers available at localhost should respond to http requests if your firewall is open. If you are behind a router, you need to configure it to forward requests to your machine. NAT is the simplest (and least safe) way.

Resources