Please excuse me for my incompetence.
Can I Redirect a http request to https request in node.js, Without running the http server?
Is it possible to only use https server on node.js and redirect http request to https?
No this is not possible. HTTP and HTTPS needs to listen on different ports. This depends on that they are different protocol types. Therefore you need two servers. Also in Apache and Nginx you need 2 Configurations for handling the redirects between HTTP and HTTPS.
Related
I'm making a small multiplayer game for the browser using node.js and socket.io. I'm not to familiar with the whole HTTP and HTTPS things.
Currently I'm using a Node.js server for the game on port 3000. With this atempt I am only able to host one server at a time. Either a http or a https server. The problem is, that browser always try to access the http server, but it's insecure.
So my question is: Can I redirect the client to https somehow? Or is there a way to remove the port completly and let it run as a page of my Apache for Ubuntu (Like https://example.com/game)?
The first thing would be to determine if you're in HTTP
Example:
const url = new URL('http://example.com')
console.log(url.protocol) // output: "http:"
Then to forward to HTTPS, just redirect.
res.writeHead(301, { Location: `https://${req?.headers.host}/${path}` });
I have an https website (using LAMP stack) and I want to send an http request to port 3000 of a separate node.js server when you click a button (using an AJAX call and jsonp). It worked when my website was not secured (http), but after I switched to using a load balancer to make it secure (I'm using Amazon Lightsail), the http request no longer works. Is this because an https website does not allow http requests since all information on the website is supposed to be secure? And if so, should I send an https request instead? This would require me to make the node.js server https-secured by adding it to the load balancer. However, would this prevent me from requesting to port 3000 since load balancers only accept requests to ports 80 (http) and 443 (https)? I've looked into listeners but it seems like Amazon Lightsail does not support listeners with its load balancers.
Put that node server behind the same load balancer as a reverse proxy with another route or dns and it will probably work for you.
How should I configure Caddy to serve both http and https instead of redirecting by default to https?
http://example.com/info
https://example.com/info
Background:
We have a Windows program that connects to one of our domains to retrieve information over http.
In future versions we want to connect to a new server using https served by Caddy.
But we don't want to break functionality in older versions of our software, so we need to use the same URL and be able to receive the same data via http and https.
I think something like this will work
example.com/info {
# TLS config
}
http://example.com/info {
# http config
}
I have a server over HTTPS on NodeJS with Express.
When uploading a file, I have used the req.protocol directive in the controller to get either the HTTP or HTTPS "part" of the URL, so that I can save the file with the absolute URL. The problem is that without enabling the "trust proxy" setting of express (http://expressjs.com/en/api.html#trust.proxy.options.table), HTTPS doesn't get detected.
I thought this setting was used in the case of the actual redirect (when using the HTTP URL and the server doing the 301 redirect to HTTPS).
So this is more of an explanation question, rather than a solution one:
Why doesn't the HTTPS get detected when calling the URL through that?
trust proxy has nothing to do with 301 redirects.
That settings is important when running your node server behind a proxy:
+----------HTTPS--------+---HTTP---+
| | |
client --> internet --> proxy --> node.js
It is typical that you have some sort of proxy between the internet and your node server; for example a CDN server, a load balancer, or simply an nginx instance or such. The HTTPS connection is established between the client and that proxy. The proxy cares about the necessary wrangling of the SSL certificate and encrypting the connection and doesn't burden your application server (node) with those details. It is then forwarding only the relevant details of the request via plain HTTP to your node server. Your server only sees the proxy as the origin of the request, not the client.
Since the node server didn't itself handle the HTTPS connection, how could it know whether the connection between the client and the proxy was HTTPS? It can't. The proxy needs to voluntarily forward that information too. It does so in the X-Forwarded-* HTTP headers. The information whether it was specifically HTTP or HTTPS is sent in the X-Forwarded-Proto header.
The thing is, those are just HTTP headers. Anyone can set those headers. The client itself could set those headers. That's why you need to explicitly opt into using those headers with the trust proxy setting, iif and when you know your app will be running behind a proxy which sets those headers. When you're not running behind a proxy but your node server is directly exposed to the internet, you must switch that setting off; otherwise anyone could set those headers, your server would obey those headers and be lead to use false information.
So I've already done my research and figured out that socket.io only works with cloudflare if you use set ports found that here
So through that research I found that http and https can't use the same port. I'm coming here to as you guys how do you get a socketio server to listen on two ports? So it can support http and https with cloudflare
The common method is referred to as an SSL Termination Proxy (also called SSL off-loading). The proxy accepts incoming messages over HTTPS and passes the decrypted requests to another resource (another server, web service/API, etc.). This would allow your Node.js application utilizing socketio to handle all requests, no matter if the client made an HTTP or HTTPS request. Software like NGINX, Apache, and even Microsoft IIS are capable of providing this functionality.
Here are some links regarding this topic:
General Info: https://en.wikipedia.org/wiki/TLS_termination_proxy
NGINX: https://www.nginx.com/resources/admin-guide/nginx-ssl-termination/
NGINX: https://www.nginx.com/resources/admin-guide/nginx-tcp-ssl-termination/
HAProxy: https://www.digitalocean.com/community/tutorials/how-to-implement-ssl-termination-with-haproxy-on-ubuntu-14-04
IIS: https://blogs.iis.net/wonyoo/ssl-off-loading-in-application-request-routing