0

I've been learning more about hosting my own web server and specifically one with HTTPS, and was wondering what the best practice is.
Should you handle the HTTPS in the application itself or should you make a separate proxy application to put between it that handles all the HTTPS stuff so your application doesn't have to?

My personal example in case my question isn't clear:
I now have 2 separate Node applications running on my server, and I wanted to have them accessible using the same domain name but separate paths.
So App1 uses /app1/ and App2 uses /app2/
I then found http-proxy-middleware which is able to do this. But then I discovered that it was also possible to handle the HTTPS stuff this way.
This meant that I was able to strip out all the things about handling HTTPS from my applications, and just let the proxy do it.
I image using the proxy is the preferred way, but I have no idea whether there are some hidden downsides or something.

Anatoly
  • 20,799
  • 3
  • 28
  • 42
Naomi
  • 65
  • 6
  • Read about reverse proxies, one of the popular one is nginx, which has many things built-in. – felixmosh Jan 10 '21 at 10:42
  • @felixmosh Thanks! The third bullet point for 'Uses of reverse proxies' on Wikipedia is literally about offloading the TLS encryption to a reverse proxy, so I guess this is something that is widely used. – Naomi Jan 10 '21 at 11:40
  • Yeap, Nginx is great with reverse-proxying, usually used as "front server" which handles https, serving static assets and glowing (via reverse proxy) separate apps under one domain / sub-domains – felixmosh Jan 10 '21 at 14:06

0 Answers0