Best practices for setting up a MERN application on AWS

I know this is subjective and opinionated, but I just need something to start off from knowing what the best practices may be.

I've got a MERN application running on localhost with the React script currently running on port 3000 and an Express.js application running on port 3001.

Now I'm about to set it up live on AWS and am wondering if I should create it like:

website.com for the frontend React stuff with nginx routing anything from port 80 to 3000 while it makes calls to api.website.com running on 3001 on the same instance with website.com and api.website.com having the same IP address.

or

one separate instance for website.com on a different IP address and another instance for api.website.com on a different IP address for API calls? Both are being accessed without having to specify a port.

I'm curious because most of the time I've used APIs, they don't have a separate port, just a subdomain on what I assume was a different IP address and a different instance.

What would be the best way to set this up keeping in mind I want to use SSL?

totalnoob asked Jun 29 '18 12:06


2 Answers

Serving static applications via SSL is not necessary, but on the other hand, your server application has to be secured. Part of the stack which interacts directly with the database is very crucial and has to be secured against all sorts of vulnerabilities. Only SSL won't do any good unless you follow best practices to secure your node application.

You can use the subdomain for the node application and root domain for the actual site. Also, you can use the 80 port for the website and 443 for your node application by defining different server sections inside your nginx configuration file.

Below are some links where you can find the best practices to follow while deploying node applications on production.

  • https://www.moveoapps.com/blog/set-node-js-application-production-nginx-reverse-proxy/
  • https://blog.risingstack.com/node-hero-node-js-security-tutorial/

Abhishek Singh answered Nov 07 '22 11:11


I would say Nginx exposed to the world, with an SSL certificate and all traffic redirected to port 443.

Everything else bound to 127.0.0.1 and proxied through Nginx. It's simple to set up Nginx to accept requests to api.website.com on port 443 and then proxy them over to 127.0.0.1:3000 or 3001 or whatever.

Then firewall all the other random ports and route absolutely all incoming traffic through Nginx.

miknik answered Nov 07 '22 13:11
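
The layout described in the answer above, written out as an nginx configuration. This is an added example, not part of the original answer: the certificate paths are placeholders, one certificate is assumed to cover both hostnames, and the ports (3000 for React, 3001 for Express) are taken from the question.

```nginx
# Constructed example; goes inside the http {} context (for instance as a
# file under conf.d/). Certificate paths are placeholders, and the
# certificate is assumed to cover both website.com and api.website.com.
ssl_certificate     /etc/ssl/PLACEHOLDER/fullchain.pem;
ssl_certificate_key /etc/ssl/PLACEHOLDER/privkey.pem;
ssl_protocols       TLSv1.2 TLSv1.3;

# Forwarded headers inherited by both proxied locations below.
proxy_set_header Host              $host;
proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;

# Port 80 requests carrying any other Host header are closed without a
# reply, so $host in the redirect below can only be one of the two names.
server {
    listen 80 default_server;
    server_name _;
    return 444;
}

# Port 80 for the two known names does nothing except redirect to HTTPS.
server {
    listen 80;
    server_name website.com api.website.com;
    return 301 https://$host$request_uri;
}

# Front end: proxied to the React process bound to loopback port 3000.
server {
    listen 443 ssl;
    server_name website.com;
    location / {
        proxy_pass http://127.0.0.1:3000;
    }
}

# API: proxied to the Express process bound to loopback port 3001.
server {
    listen 443 ssl;
    server_name api.website.com;
    location / {
        proxy_pass http://127.0.0.1:3001;
    }
}
```

For the loopback binding to hold, the Express app has to listen on 127.0.0.1 explicitly, for example `app.listen(3001, '127.0.0.1')`. The host firewall or AWS security group then only needs to admit web traffic on 80 and 443.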
