Reputation: 4234
Protect Node JS code on apache
I have an AngularJS app combined with a REST-service in Node JS.
I have two folders for each
-Client (Angular JS)
-Backend (Node JS)
I have deployed it on an Apache server. Have made a proxy for Node so api/* is redirected from port 8080 to 3000.
So both these folders are placed in the var/www folder. Problem is you can access mydomain.com/backend/routes/api.js. And there you can see my database login and password. Not a good idea so I removed it. How do I protect this information?
Upvotes: 0
Views: 638
Answers (1)
Reputation: 7771
You can put the following .htaccess file in var/www/backend:
Order deny,allow
Deny from all
If you are running Apache 2.4 (or later), you should use:
Require all denied
You could also restrict access to the backend folder itself (file system permissions) or move the folder.
Upvotes: 1
Related Questions
- Node.js server side code protection
- node.js - Code Protection?
- How can I protect node application source code?
- how to protect server side script and hidden which are writing with Node.js
- node.js code protection
- Node.js File Security
- How to password protect nodejs application using alternative to htaccess
- How to keep security to js and css files using htaccess
- Security in Node.JS Webserver