I'm learning how to program in Node.js, and so far I've been able to run it using my computer as a server, and log in through an IP address:8080 from other computers on the same router. But for the life of me, I can't seem to find any tutorials or anything for taking it public. E.g using my laptop from work to connect to the server hosted at home. I've searched free servers and am completely mixed up on SSH keys and github requirements and stuff with a bunch of others. I'm really mixed up.
I'm also thinking it would be much simpler (and 100% free on monthly payments) to buy my own hardware and run my own servers? Any tutorials on node.js hardware set ups?
Please help, I'm completely confused.
EDIT
I seem to have been a bit unclear. I'm going to use node.js to make games/apps with logins. When you "login" you automatically login to the server also. Not only from "work to home", I meant completely public as a multiplayer game.
One easy way to setup a node server for free is using AWS Free Tier.
Once you follow that link and setup a server...
You can follow along with this tutorial to get your server up and going, install node, install mongodb and even make an app that will run on the live server.
Run throgh this tutorial
How I installed node on my server,
Personally I have a VPS from Bluehost. This cost me about $120 a month but lets me do whatever I want with my server. By whatever I want I mean install whatever I want...
I have npm install,
I installed node.js globally.
I installed mongoDB.
I can run mongodb applications from anywhere and connect them to the MongoDB running on my server.
Having a VPS can come in handy as you can see... I suggest AWS free tier. Learn how to install all the things you want. Play with it. Break it and start over.
But when your done with all of that...
Be a Jedi Master!
Node doesn't have any specific hardware requirements or configuration. And can be hosted on anything.
I guess you don't have a dedicated ip address. So, your question seems to be all about network, routing and dealing with NAT. If you're not familiar with those, it might be not a bad idea to use external hosting.
But if you want to give it a try, this might be helpful - https://superuser.com/questions/121435/is-it-possible-to-host-a-web-server-from-behind-a-nat
Besides hosting your own hardware, there are 2 options for what you describe.
One, use a portforwarding tool to make your home server accessible from your work, for example ngrok.
Two, deploy your node.js app to an online platform, for example OpenShift or Heroku. Most of these platforms have a low-performance free options.
Related
I've been getting into Node.js recently and I really like the example shown on Socket.io's website showing a real time chat application. However, in all of the examples I see the URL used is localhost:8080 or whatever ip and port is applicable. However, is there any way to implement this into an existing webpage so that it isn't a separate URL? If not, how are these real-time chat apps done in real life?
these sort of questions are usually not meant for stackoverflow, but everyone has been where you are! Stackoverflow is dedicated for code related questions, but this might help you get to your next steps:
NodeJS is a backend server language, you will have to deploy it to a production environment.
New developers typically learn by using services like heroku.com to quickly host backend apps, they take a lot of the complexity of learning Linux or Microrost Server out of the mix, but they are not typically used by more advanced developers.
More advanced (real world apps) run on AWS/Azure/Other hosts.
Implementing it in an existing website requires both frontend and backend languages. Nodejs gives you a leg up in that it's javascript, and can run in both frontend and backend situations.
There are many places online that provide tutorials for creating backend servers and frontend websites.
the list is endless, but some good places for new developers are
https://frontendmasters.com/
https://teamtreehouse.com/
https://egghead.io/
Here is a tutorial on heroku for setting up a nodejs app
Getting Started on Heroku with Node.js
Assume a substantial (MIT Licence) Open Source (Node) Javascript web application.
I'd like to establish confidence that the application does not leak information over the internet. One approah would be to read every single line and make sure I understand it. This sort of detailed code-review feels like overkill.
As the Application is behind a NAT/Firewall, it may be sufficient to establish that the implementation does not initiate any remote connections. It is important to consider both the obvious direct initiation of connections (TCP/HTTP/HTTPS/FTP/SSH - etc.) in the source itself - and by any of the dependencies... and any by indirect means - for example - involving the client web-browser during operation.
I'm not really worried if the application is insecure in the sense that its access controls are fallible from the network on which access is provided... though I don't object to a heads-up about any clear flaws.
Are there tools that make this sort of assesment straightforward? Would a sandboxing approach be viable - and, if so, what mecnaism would be suitable to create such a Node sandbox?
This question is surprisingly broad. You seem to be asking:
are there any "trojan horses" embedded in my nodejs application or its npm dependencies. Did the developers of the code sneak in any malicious code that might exfiltrate my data?
is my nodejs web interface secure against cybercreeps?
is my server (hosting my nodejs app) secure against cybercreeps?
The first rule of information security is this: Nobody can steal information you don't store. If you don't need it, don't store it.
About the trojan horse situation, I have these suggestions about code:
Inspect your own code to the extent you can. Looking at the require() lines of your code is a good start; it alerts you to your own modules that might use outbound networking.
Use npm audit to take advantage of crowdsourced inspection of your dependencies.
If your source code is on github, they'll do some of that npm audit work for you and pester you with emails about vulnerabilities.
Rework your nodejs web app to use the hapi.js framework instead of what you use now. Developed by paranoiacs at Walmart, it has zero external dependencies.
If you have the time and/or money, use a static code analysis tool to inspect your code. Sonarqube, Checkmarx, etc etc.
About rigging up your servers to slow down exfiltration of data:
Monitor or log the outbound traffic from your server and inspect the logs. This may help.
Set up your outbound firewall rules to disallow traffic that's not part of your application. Digital Ocean's tutorial is here. Careful: you can overdo this and break stuff you need.
Keep your sensitive data (in a dbms, maybe) on a separate machine from your web applications. Set up access for that machine with a whitelist that only allows your web applications, and nobody else, to connect to it.
About whether your web interface can repel cybercreeps while allowing legitimate users:
Read up on anti-cybercreep packages like helmet. Understand them and then use them.
Consider attacking your web app every few months with a white-hat hacker's tool like burpscan. That tool costs money. Its developers routinely update it to add test for newly discovered vulnerabilities. It detects stuff like these OWASP Top Ten vulnerabilities and more.
Pay attention to your web server logs. (And be aware that web servers facing the public net get many many probes from around the world to see if they're vulnerable.)
Check the security of your TLS (https) with Qualys's SSL Server Test.
About whether your server machines can repel cybercreeps while allowing legitimate administrative access:
Promptly post security updates from your operating system vendor.
Lock down your machines. Don't run any services you don't need. Turn off, for example, smtp, ftp, dns, ntp, and nfs services on a web server (the services, not the clients for those services). These days this is fairly easy because bare-bones server editions of operating systems don't come with any of that stuff installed or running.
Use nmap to check your servers for open ports, routinely. One of Digital Ocean's excellent tutorials describes this. For a web server, only the ssh and https ports should be open for the safest setup.
Make your public-facing servers "sacrificial". That is, make it so you can build a new copy of the server and its software load from scratch at a moment's notice. That way, if a cybercreep does break into your server, you can just burn it down and start up another one, forcing the creep to start over.
Did I mention? Promptly post security updates from your operating system vendor.
Maybe you can try Sonarqube
I have no experience in installing it, but my workplace use it for checking code quality.
it shows something like this
it will show which line of code is bad, and give suggestion on how to fix it.
i remember seeing something related to OWASP in sonarqube, but have not give it a try yet.
I have two computers.
Computer 1 is a Windows 7 computer. It is my main computer where I use it for web browsing, gaming, paying bills, etc.. I also use it for all of my development work. I am currently using Visual Studio Code and to a lesser extent Visual Studio 2015 Professional. My main focus at this time is Javascript, PHP, HTML, CSS.
Computer 2 is Linux Ubuntu that i have configured as a web-server. I used the tutorials from Digital Ocean to create the web-server.
I currently own two domains purchased through google domains and I have two simple websites that I am currently hosting on this web-server. The websites were built using a combination of PHP, Javascript/JQuery, HTML and CSS.
I wish to expand my knowledge base so I have recently started looking at Node.js and will also be looking at Angular.js and other .js's.
I installed Node.js on Computer 1, my 'daily/development' computer. My question is do I need to install it on my WebServer? I wrote a small Node.js web app on my development computer and moved it to my server and it worked but I am not sure if this would work for something bigger. I know I could just write something and experiment but I was hoping to get some advice from others who have a similar setup before I go down a frustrating path.
In general, if you have an 'everyday/development' computer and a separate dedicated web-server, how do you know where to install things like Node.js, Angular.js, etc... I have viewed numerous tutorials on You Tube and Plural Sight about these tools/languages/frameworks but the vast majority of them do not seem to address equipment issues, which I guess makes sense. I know there is a Plural Sight course that is actually dedicated to set up a development environment and I tried to follow it but it was a little too advanced for me.
Thanks in advance for the guidance!
It doesn't matter. Install them on the machine you are more comfortable for you.
In general, if you have an 'everyday/development' computer and a separate dedicated web-server, how do you know where to install things like Node.js, Angular.js, etc...
If you want to learn and test stuff it doesn't really matter on what computer you are going to install them. For example I have a RaspberryPi ubuntu server which is online 24/7. I write my code/apps on my development machine (which I use only when I'm coding/playing games/doing work) and then migrate/move the code and run it on the linux server. (You can see what git/bitbucket is).
And don't worry to make the wrong decision with your setup - you will learn a lot like that. By the way there is no right or wrong answer here.
I have searched everywhere for a solution to this problem but for whatever reason I cannot find a clear answer as to how I can carry out this task.
I have built a very simple server with node.js that accesses two numbers from a website API and outputs them onto a localhost port on my computer as shown below:
My question is how can I take my server and make it accessible to applications without having to go into the command line and run the server file? Is there a way I can host it online instead of locally so that I can distribute the application and anyone with the application can pull from this server? What would be the best way to go about accomplishing this task?
Heroku is probably one of the easiest ways to get started with deploying the application: https://devcenter.heroku.com/articles/getting-started-with-nodejs#introduction
However, if you are not familiar with git, Microsoft Azure Webapps is also another great option: https://tryappservice.azure.com/
They both offer free plans which should get you up and running fast!
Question 1: how can I take my server and make it accessible to applications without having to go into the command line and run the server file?
To start a node server you will always need to use the console. If you are not used to,it's time to start :) .
You will be using it not only for node servers but for administrating (almost) every server in the world.
Question 2: Is there a way I can host it online instead of locally ?
There are a lot of nodejs hosting platforms, you can choose between PaaS solutions or IaaS solutions ( AWS EC2, Digital Ocean, etc.) . Probability the easiest way to start ar PaaS services, in this blogbost you will find a good list of PaaS hosting providers. Some of them have free plans.
Take a look at Heroku. They have a free tier (with limitations) and a hobby tier for $7/month.
I have implemented that with Amazon AWS, they offer free option for a limited time, but still great because you have full control on the console, you should be careful while installing the machine on cloud, you have many guides online that you can follow for steps, this one for example has step by step info, try to follow the steps and you will be able to run your app and access it from any public network.
Sorry for the rather ignorant question, but I'm a bit confused regarding these two technologies. I wrote a webserver in C# that uses Fleck and everything works great but I realized I probably couldn't find a hosting provider that would run .NET applications.
I want to use websockets and I found socket.io to be really popular but I'm not sure exactly what it is. Correct me if I'm wrong, but, is it just like writing a server in javascript and you run the javascript file with the node.exe application and then the server is running? How do people find hosting providers that will provide that sort of service?
Lastly, is socket.io just an extension of nodejs? Do you have to code your server in javascript when you use socket.io? Again, sorry for the very novice questions but I'm just trying to understand a few basic things before I continue. Thanks.
There are a few companies that will host your node application. Its not the same as your transitional web hosts where you provide them with files and they serve the files for you. When working with node you're writing the actual web server.
Some of the popular ones around are below:
https://devcenter.heroku.com/articles/nodejs
http://nodejitsu.com/
http://nodester.com/
#Roest: A virtual server sounds intriguing. What are the pros and cons
of such an approach? Also, considering how popular nodejs is how can
its webserver hosting support be so limited? How do people use it?
When working with a virtual server you have full rain over what your running on the server.
Pros
Freedom, you get to pick all the software you want to run on your machine. A lot of the times when working with nodejs you're going to want some custom software to be running along side your application. Most of the time this is your database layer, which ever you choose.
Cons
YOU have to maintain it. Like #Roest stated, this isn't much of a con for most people as this ties directly into the freedom a virtual server gives you but it is something you need to take into account.
I think the reason you see limited support for nodejs is because its relatively new, and its so easy to setup yourself.
I want to use websockets and I found socket.io to be really popular
but I'm not sure exactly what it is. Correct me if I'm wrong, but, is
it just like writing a server in javascript and you run the javascript
file with the node.exe application and then the server is running?
That's pretty much exactly what nodejs is, or at least how you use it. Nodejs itself is Google's V8 javascript engine running on your server, along with a large number of libraries and C bindings that allow you to interact with your server in a way that the V8 engine won't let you.
This is an example of a webserver in nodejs (A very limited one)
var http = require('http');
http.createServer(function (req, res) {
res.writeHead(200, {'Content-Type': 'text/plain'});
res.end('Hello World\n');
}).listen(1337, '127.0.0.1');
console.log('Server running at http://127.0.0.1:1337/');
It just responses Hello World to every request and always returns a 200 status code.
Going from something like this to a simple file server is fairly easy and quick, but a few people have already tackled this problem for you.
http://expressjs.com/ - Very powerful web server, but still gives you a lot of freedoms.
https://github.com/nodeapps/http-server - Simple web server, I use it mainly as a command line tool to instantly server files over http.
Lastly, is socket.io just an extension of nodejs? Do you have to code
your server in javascript when you use socket.io? Again, sorry for the
very novice questions but I'm just trying to understand a few basic
things before I continue. Thanks.
socket.io among many others is a module of nodejs. Depending on your definition of extension it may be the wrong word to use. Most of the time when using socket.io you'r going to be using an existing http server and then extending, or wrapping your server with socket.io. I wrote a previous explanation of how nowjs does this. My guess is socket.io is very similar.
To answer the bulk of that question: Yes, you will still be writing your code in javascript. You will just be utilizing the socket.io API.
#travis has already covered everything you need to know about node and socket.io
I'd only like to say that you don't have to buy a special hosting dedicated for node.
My game is hosted on VPS with Ubuntu
I find it really easy to deploy and maintain. There is a package for Ubuntu and instalation takes literally four lines of copy/paste
https://github.com/joyent/node/wiki/Installing-Node.js-via-package-manager
ps: I am not using socket.io but einaros/ws library which I find much less overblown.