How to securely deploy your Node.js App

Jae Duk Seo
Nov 25 · 5 min read

You should have either AWS or a droplet → these are standard → deploying is another thing we should be able to do well. (since this is actually how we make money).

The operating system → as well as the pricing points → these are a good choice for deployment.

For creating SSH → we are using Putty → again standard approach to solving these systems. (saving the public and private keys → standard)

The server setup was easy → and even monitoring those is easier as well. (this is good). (backups and snapshots are also possible).

We are also going to use Nginx as a server while setting up a user for Ubuntu. (copying the SSH might not be the most secure idea).

And installing Node.js with npm and packages. (he used sample GitHub).

A lot of SSH configuration was done here → and not really sure if all of those are needed → and WinSCP for file transfers. (very interesting development pipeline setups).

Also running on port 80 → horrible idea. (but pm2 is a good use).

He is using ENOM for domain names.

Setting up the record is easy → other sites also allow these as well.

Horrible idea to use port 80.

He is going to set up a server → in a more server-like manner with OpenSSL and other stuff.

Another Guy using Digital Ocean PR → this is a good service overall.

The security → we are going to create a user → and remove the common root target → this is a good approach → very safe approach.

So now we have our Super User → this is a very smart move.

Wow, a very secure way of doing stuff → going to set up SSH correctly → to only let allowed users in. (disable the password login → only allow SSH login → smart move).

We do not want people to do brute force attacks.

The root login is gone → ufw → this is adjusting the firewall → some of the basic attacks can be stopped using this kind of firewall.

Super important as well → secure.
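The SSH steps noted above (no root login, no password login, only allowed users in) can be checked against the `sshd_config` text itself. This is an added example, not code from the original post or the videos it summarizes; the sample configs and the `deploy` user name are constructed.

```javascript
// Added example: audit sshd_config text for the SSH hardening steps in the notes.
// "dflt" is the OpenSSH default that applies when a keyword is absent.
const RULES = {
  permitrootlogin: { name: 'PermitRootLogin', want: 'no', dflt: 'prohibit-password' },
  passwordauthentication: { name: 'PasswordAuthentication', want: 'no', dflt: 'yes' },
};

function auditSshd(text) {
  const seen = new Map();
  const findings = [];
  for (const raw of text.split(/\r?\n/)) {
    // "Keyword value" or "Keyword=value"; blank lines and # comments do not match.
    const m = raw.trim().match(/^([A-Za-z]+)(?:\s*=\s*|\s+)(.*)$/);
    if (!m) continue;
    const key = m[1].toLowerCase(); // keywords are case-insensitive
    if (key === 'match') {
      findings.push('Match block present: review its per-user overrides by hand');
      break; // everything after Match is conditional, not global
    }
    if (key === 'include') findings.push(`Include ${m[2]}: those files are read here and may set values first`);
    // sshd keeps the FIRST value it obtains for a keyword; later lines are ignored.
    if (!seen.has(key)) seen.set(key, m[2].trim());
  }
  for (const [key, rule] of Object.entries(RULES)) {
    const value = seen.has(key) ? seen.get(key) : rule.dflt;
    if (value !== rule.want) findings.push(`${rule.name} is "${value}", expected "${rule.want}"`);
  }
  if (!seen.has('allowusers') && !seen.has('allowgroups')) {
    findings.push('No AllowUsers/AllowGroups: any account may attempt SSH login');
  }
  return findings;
}

// Constructed sample: a "no" appended at the bottom loses to the earlier "yes".
const WEAK = `
# constructed sample
PermitRootLogin yes
PasswordAuthentication yes
PasswordAuthentication no
`;

// Constructed sample; "deploy" is a hypothetical non-root user.
const HARDENED = `
PermitRootLogin no
PasswordAuthentication no
AllowUsers deploy
`;

console.log(auditSshd(WEAK));
console.log(auditSshd(HARDENED));
```

On the server itself, `sshd -T` prints the effective settings after includes are resolved, which is the authoritative check.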

And we are correctly installing Node.js → this is by using the curl option → more proper way to install Node.js.

He used git for → actually developing the app.

We have the App running → and we are going to use PM2 for process manager → now we need to install Nginx for server and OpenSSL.

PM2 → runs everything in the background. (can even configure to start at system startup).

Very interesting → he is using Git for encrypting → this may be to avoid the use of domain names.

The certificate → is actually very annoying to do → but this operation can be done with ease → for a secure connection.

But he does have a domain name.

This was how we did things back in 2016 → but it is also a good idea to know.

Making sure the SSL certificate is renewing every year → so we are up to date. (Proxy → Nginx)

Redirecting the traffic to the Node.js application → and we are going to make the connection secure. (we are boosting the security of our site)

Quite a process → but we are making things more secure.

The general process is easy to use → and now there is a python program that does these for us.

This is another post about deployment → the general approach is the same.

It is highly recommended to use PM2 → on the production server → since it automatically manages the process and restarts it when there is an exit or error.

Load balancing and more → as well as SSL.

This guy basically copied and pasted from another website → but certbot is great!

And auto-renewal comes with the program.

What is better → well both have their own use case → but Node.js → uses concurrency.

We are going to read the file → while not blocking the main thread → this is good → since we want the user to experience something.

Callback hell is really a thing → since if we cannot manage those processors → we would not have any idea what it is going to do.

Chaining promises → is a much better way to manage the code → this is much better.

JavaScript in Plain English

Learn the web's most important programming language.
