I have a simple node/angular application and I would like it to run under a sub-folder of an apache/php application.
What I mean:
At the moment the node app runs under this url http://www.mysite.com:8080 I need the application to run under http://www.mysite.com/nodeapps/applicationName/index.html
Do I need to change something in my apache configuration except moving the application under that folder?
The node app now is under opt/applications/node/applicationName
I am new to Node.js so please make sure that you explain your solution in details or else I am going to get even more confused :)
Apache simply serves files. However, your node application will also serve files without the need of an extra server. So you don't want your node.js files to be in a folder served by Apache (this will make the source code public which you probably don't want in most cases). Instead, the way to go is to run node.js on a custom port (like the above http://www.example.com:8080) and to redirect from apache to that port like so:
RewriteRule /nodeapps/applicationName/(.*) http://localhost:8080/$1 [P]
Related
I've created a website using html,css,sass,js, node, express & ejs. Do I need to make any changes in the code to deploy it over the web?
P.S. I've set the port to process.env thing and added the css & js files to a public folder. Are there any other changes I need to make?
Not sure what you are asking.
You basically need to make it publicly available.
You could either do it using a host provider or in theory you could set up your own server using apache ,nginx etc then reroute your home router to your machine (laptop).
Your server will run the same way as locally in theory.
You just need something to redirect the traffic in and out.
This may seem like an odd/broad question, but how does a server know not to render Express.js files and not to expose the content similar to how anyone can see a javascript file, and read the script being executed. Do node servers like Heroku protect them ? Sorry just new to express and node. Is it similar to how PHP syntax/scripts are hidden and protected in a Apache server?
It depends on the server configuration. On a poorly configured server, the .js files might be accessible.
With a nodejs/expressjs server you define a base folder that contains public files, e.g. public and files outside of that public folder are not visible, because the server doesn't serve them to the outside. If you configure the wrong directory, e.g. ., then the expressjs code files would be available to browsers and would be rendered as-is to them, potentially revealing unsafe data like configuration, passwords and so on. Since the default configuration and all code examples make sure that public is defined as the public folder, the risk of accidental misconfiguration is low.
If you run an apache httpd or other webserver on the same host, you have to make sure that the node application is not inside the webroot of any vhost, otherwise the files might also be visible, because to the apache httpd they also look like simple static files, ready to be sent as-is to the browser.
It is different from PHP files, at least in the case of apache httpd or nginx, because those are usually configured so that PHP files are files to be executed, not static files to be served to the outside. However, if the apache httpd or nginx doesn't know about PHP, either because it isn't installed or isn't configured, then PHP files inside the webroot would also be shown to the public as-is. Display of files for the apache httpd can be prevented using .htaccess files.
I'm deploying a simple node.js app and I'm using apache as a web server. I installed apache correctly and the only thing I changed in the httpd.conf file was the DocumentRoot and Directory. I pointed these to the directory of my node application. I restarted apache and when I go to the public IP I only see the apache testing page?? However if i curl the private IP address.. with the port extension (:8000) than it returns the index page of my app. How do I get apache to send the request to the correct port ?
Edit: If I curl just the private IP address it returns the html for the Apache testing page.
You proxy the request from Apache to Node rather than try to make Apache call the node command directly (like you would do with PHP).
You can do this with config like this:
ProxyPass /app http://127.0.0.1:8000
This means if you go to https://www.example.com/app then you will be calling your node service.
You can of course ProxyPass / so everything goes to your node service, but most people find it's best to allow the web server to handle static pages and resources (as its good at that) and then have node return dynamic content - either directly returning HTML or just returning data in JSON format and the front end javascript using that data.
I'm not sure what I'm missing here, so hopefully someone can help me out. I'm working on a project where we're using Node and in the Run/Edit configurations I've down the following:
Node interpreter: This is the path to the node.exe file
which I checked out from Subversion
Working directory: this is where the "app.js" file is, this is the
path that from the command line you type node app.js and it starts the server
JavaScript file: app.js This is the name of the file that actually creates the server
Now from the main nav bar when I do Run / Run my server the box at the bottom pops up and tells me that Express server is listening on port 3000. Cool.
I can navigate to localhost:3000/myPage.html and I can get to the page just fine.
I added as JSON file to the same directory on my hard drive that myPage.html is in, and I can navigate to that as well by localhost:3000/largeTestData.json.
So the server is up and running and serving file as it should. My problem is that in my Webstorm project, I want to make an AJAX request to that largeTestData file. I do so using jQuery like:
var data = $.get('localhost:3000/largeTestData.json');
data.done(function(data){
console.log('here is your data');
cnosole.log(data);
})
When I do that I get the error (in Chrome)
XMLHttpRequest cannot load localhost:3000/largeTestData.json. Cross origin requests are only supported for HTTP.
and so I look at the URL and I'm seeing:
http://localhost:63342/
Obviously Webstorm has started the server correctly, but when I view an HTML file, it's not using that server (which, of course is why I'm getting the CORS error.
There's some fundamental stuff here which I'm obviously not getting. I need my IDE to deploy to the Web server that it started up, but it's not doing that. Please, someone give me a once over on all the technologies that I'm missing out on here.
WebStrom didn't start your node.js server, but serves static pages by its own internal HTTP server which doesn't know anything about node.js and Express.
The main problem:
When you start your node.js server, it's serving JSON files on port 3000. If you open an HTML-page with the little menu in WebStorm (where you can choose the browser), WebStorm opens the browser with an URL pointing to its own internal webserver running on a different port (e.g. 63342). JavaScript security prohibits loading data from a different host/port Same-origin policy.
It's not WebStorm's fault and you need a solution for this problem in production or you can't go live.
General Solution:
Either you have to ensure that HTML pages and JSON data come from the same host+port, or you can circumnavigate with (a) setting server-side headers ('Access-Control-Allow-Origin: *') as #lena suggested, or (b) using JSONP. Below you find some thoughts using nginx as a reverse proxy so from browser's point of view all requests go to the same host+proxy. It's a very common solution, but as mentioned above, there are other options.
Primitive solution:
Don't use WebStorm to open your browser. Load the page from http://localhost:3000/ and change the URL of the REST resource to $.get('/largeTestData.json'). You'll miss some comfort from your IDE, but you can immediately see that your program is working.
Comfortable solution:
As #lena suggested, there is a way to configure your Express/node.js as a server known to WebStorm. I haven't tried it, but I suppose you can then just press the Run-button and maybe the node.js plugin in WebStorm is as intelligent to know the static-maps in Express and know how to map an HTML-file to a web application URL and open the page in the browser with the URL served by your node.js application. (I'd be surprised once again if this really works magically, but maybe you can configure a mapping from files to URLs manually, I don't know.)
Dirty solution
With some options you can disable security checks, at least in Google Chrome. Then it's possible to load JSON data from a different port than your HTML page. I wouldn't recommend using these options (just my opinion).
Additional Hints
If you do more than just playing around with node.js and some UI fun and you have to serve your application "production-ready", then have a look at nginx to serve your static files and reverse proxy node.js requests from there. I'm using this setup even for development and it works like a charm.
Of course node.js / Express is able to serve static files as well, but IMO placing something like nginx in front of node.js (clustered) bring a bunch of advantages for production sites, e.g. load-balancing, ssl-offloading, avoid JSONP, in many cases performance, easier deployment updates, availability.
To get your code working, just change the URL in $.get() to full URL (including protocol):
var data = $.get('http://localhost:3000/phones.json');
In Webstorm 2016.3 (and probably earlier) there is now another option. Under the Configuration Settings for NodeJS runs, one can manually set the page and port to be loaded via Webstorm's "Browser/Live Edit" settings.
See the screenshot below for settings one can change.
I'd like to create a simple site on NodeJS. For example, it has two files (app.js - main application file) and router,js (a url file). I'd like to know - if it possibke for anyone just to access mydomain.com/router.js to get the source code of my application? I'm asking 'cause for example in PHP you cant just access to php, as you know server just gives you the result of working of this PHP-file, but not the file itself. So, how to make my nodejs-app invisible for public access? Thanks!
I make sure that all files for Node.js are never in a path that is served by another web server such as Apache. That way, there is little danger of the source ever being served by accident.
My node program's and files go in /var/nodejs with a sub-folder for each application in Node. By default of course, Node will not serve ANYTHING unless you tell it to.
At the root of my Apache configuration, I make sure that ALL folders are secured so that I explicitly have to enable serving on any folder structure even under the /var/www folders that I use for all Apache sites.
So you are pretty safe with a default setup of Node and Apache as long as you keep the folders separate. Also Node will not serve source code accidentally, you would have to set up a Node server that read the file as text and wrote it to the http stream.
That depends on how you are using Node.js and what you are using for a web server in front of it. Unlike PHP running as CGI or as a module in Apache, node and the node application itself is a server.
If you have a webserver with your node source directory exposed then the url you provided in the question will most likely result in your source code being served. Even if you were using Apache and proxying to node, there is usually no output filter involved. Instead requests are passed to the backend node server which interprets them.