How is a NodeJS application distributed to client?

Question

How is a NodeJS application distributed to client?

Navigation

#1 by (3 votes)

0

I'm taking a look at NodeJS and I had a question about its distribution.

Assuming I have a company, and I use Express / NodeJS to create a simple REST service for my main application. To install this server on a client, would I need to install NodeJS on that server? Is there a ... main server (thing like Wildfly, Apache, Xamp, etc ...) to support a NodeJS server? And the client, could you simply edit the .js files of the node?

javascript node.js typescript

asked by anonymous 09.06.2018 / 19:58

1 answer

Find the most frequent character in a text What's wrong with this code to insert data into mysql?

score 3 · Accepted Answer

With Node.js (which allows you to create applications for server-side ) and assuming you have control over the following aspects of your server:

Incoming ports outgoing
SSH (or you can directly install anything on your server)

You could simply release the ports to create a server for your API, or else you could use something like:

link

I believe that you could communicate with Apache or Ngnix, then you would create a VirtualHost in Apache or a host in nginx.conf to port to the FastCGI port that is running your application written for Node.js

Or maybe you're using Express (which is much more likely), you could just use ProxyPass ( link ) with VirtualHost in Apache, like this:

<VirtualHost api.site.com:80>   
     ServerName api.site.com 
     ProxyPass "/" "http://localhost:5000/"
</VirtualHost>

In this way I think it is much easier than using any module for Node.js, as it would be enough to use what you already have, of course in this case it also depends on you having control over the server.

PS: http://localhost:5000/ would be the local host and port for the application in Express

And the client, could you simply edit the .js files of the node?

The client could only edit its .js or .php if it has access to the server, if it has it can "spoil everything", or modify, or ask whoever it is to modify it, but if the its purpose is to protect the codes, so encryption could be a possible attempt, however not even encrypted or compiled codes are "saved", there is reverse engineering, there is still the possibility if the customer bought from you the code is his and if he to demand you will have to provide, I will not go into this subject, as this goes to the legal side, of which I have no knowledge to speak.

Going back to what matters, as I said, nothing is actually free, reverse engineering is complicated but it is not impossible, so if your goal is to prevent application crash the solution I propose to you is simply you being the only one who control the server, with ProxyPass for example you can hire a hosting part and the server of your client points to the address of this other server.

<VirtualHost api.sitedocliente.com:80>   
     ServerName api.sitedocliente.com 
     ProxyPass "/" "http://hospedagemapartequecontratei.com/"
</VirtualHost>

Of course this goes to the "security" side, if the goal is for the client to only access via api.sitedocliente.com and want to prevent access to hospedagemapartequecontratei.com then a simple and minimal solution would be to check the IP of the server that requested the other, it would look like this:

On your server with Node.js you should check the value of request.connection.remoteAddress , assuming your client has a fixed IP on the server, so you could limit access to this IP only.
If you do not have a fixed IP, or this is impractical then you can try to limit access with #

>

I did not test the x-headers under these conditions (both local and on different servers), if something fails let me know that I will edit the answer.