0

I have an app with node.js and express.js server and I want to provide access from 4 points:

  1. https://www.example.com
  2. http://www.example.com
  3. https://example.com
  4. http://example.com

And I am not sure what is the better approach here.

  1. run two servers (https.createServer and http.createServer) and redirect all from http to https server
  2. or make some redirect on Domain panel?

And what about 'www' vs 'non-www'? It should also be set by hosting / domain panel?
This is new area for me and I have no idea, at least I hope this is proper StackExchange forum. Any links with more explanations would be great

Jenny D
  • 27,780
  • 21
  • 75
  • 114
Piotr Wójcik
  • 103
  • 2
  • If your hosting provider offers an auto redirect from non-www to www, there's no harm in just using that. If your hosting provider offers an auto-redirect from http to https, why not use that also? The only thing you might lose by using the auto-redirects are the ability to log them (if that ever mattered). – jfriend00 Jun 11 '17 at 15:08

3 Answers3

2

The best practice to handle all these in the actual web server (Apache / nginx) which has the application server behind it via reverse proxy.

Tero Kilkanen
  • 36,796
  • 3
  • 41
  • 63
  • So I should run both - nginx and node.js servers. Really node.js isn't sufficient ? – Piotr Wójcik Jun 11 '17 at 21:23
  • 1
    Yes, that is the best practice which you were asking for. You can run node.js only, but that adds unnecessary complexity to your code and makes scalability more difficult in the future. – Tero Kilkanen Jun 12 '17 at 07:28
1

The easy way is to use Nginx (https://www.nginx.com) It have a reverse proxy, so you can handle several locations for the same app. You can even configure a balance loader. For example, you can configure a path with www and other without www, other with http and other one for https. All of this without touch for code base application in node.

jalamprea
  • 31
  • 5
1

Another nice option you have is to use Caddyserver as a proxy, configuring it to respond to all four domains, and then proxy internally to you application.

With it you get all the benefits mentioned with nginx, plus automatic HTTP/2 and SSL with Let's Encrypt including handling the renewal. Can use your own certificates if you already got them.

Install and configuration are surprisingly easy.

For instance, configuration file (Caddyfile as it is called) would look like (a rough estimate, not actually tested):

    www.example.com, example.com {
      tls you@email.com
      proxy / http://127.0.0.1:8080
    }
Pablo
  • 440
  • 2
  • 9
  • Wow, never heard about it. In fact after all I run server without nginx and everything works, but definitely I check this project. Thanks a lot – Piotr Wójcik Jun 17 '17 at 16:31