For example, in your main JS file:
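// require your libraries
var express = require('express')
  , express_app = express()
  , helmet = require('helmet')   // used for HSTS below; the original never required it
  , https = require('https')
  , http = require('http')
  , fs = require('fs')
  , crypto = require('crypto')   // provides the SSL_OP_* constants used in secureOptions
  ;

// The host that every redirect below sends the browser to. Building the
// redirect target from req.headers.host lets the client choose where the
// 3xx points (Host header is attacker-controlled), so use a fixed value.
var CANONICAL_HOST = 'yourdomain.example'; // placeholder - set to your real hostname

// using HSTS for getting A plus when checking in SSL Labs
// NOTE: helmet < 3 read maxAge in milliseconds, helmet >= 3 reads seconds;
// check the version you installed. Current helmet spells the option
// includeSubDomains (the lower-case form here is the older alias).
var ONE_YEAR = 31536000000;
express_app.use(helmet.hsts({
  maxAge: ONE_YEAR,
  includeSubdomains: true,
  force: true
}));

// redirect when user type www to without www
// Done as express middleware (not as a second 'request' listener on the
// https server) so the request is handled exactly once and the redirect
// runs before any static file is served.
express_app.use(function (req, res, next) {
  var host = req.headers.host || ''; // Host may be absent on HTTP/1.0 requests
  if (/^www\./i.test(host)) {
    // 301: the canonical name is permanent, let browsers cache it
    return res.redirect(301, 'https://' + CANONICAL_HOST + req.url);
  }
  next();
});

// using javascript framework like as AngularJS
express_app.use(express.static('./dist/'));

// set your SSL for https
// Read as utf8 so the PEM blocks can be joined into one chain string.
var privateKey = fs.readFileSync('./ssl/yourssl.key', 'utf8')
  , certificate = fs.readFileSync('./ssl/yoursslcrt.crt', 'utf8')
  , certificateChain = [
      fs.readFileSync('./ssl/yourcrt1.crt', 'utf8')
    , fs.readFileSync('./ssl/yourcrt2.crt', 'utf8')
    , fs.readFileSync('./ssl/yourcrt3.crt', 'utf8')
    ];

// redirect when user type http (without S, https)
// This server must NOT be created with express_app as its handler: that
// would serve the whole site in plain text and then try to redirect on top
// of an already-sent response. It only ever answers with a redirect.
var insecureServer = http.createServer(function (req, res) {
  res.setHeader('Location', 'https://' + CANONICAL_HOST + req.url);
  res.statusCode = 301;
  res.end();
});

// set Chiper SSL
var server = https.createServer({
  secureProtocol: 'SSLv23_method',
  // 'SSLv23_method' negotiates any version; switch off everything below
  // TLS 1.2 (SSLv3, TLS 1.0 and TLS 1.1 all fail a modern SSL Labs scan).
  secureOptions: crypto.constants.SSL_OP_NO_SSLv2
    | crypto.constants.SSL_OP_NO_SSLv3
    | crypto.constants.SSL_OP_NO_TLSv1
    | crypto.constants.SSL_OP_NO_TLSv1_1,
  key: privateKey,
  // Intermediate certificates are sent to the client only when they follow
  // the leaf in `cert`; the `ca` option is for verifying *client* certificates
  // and does not complete the chain ("chain issues" in SSL Labs).
  cert: [certificate].concat(certificateChain).join('\n'),
  ciphers: [
    "ECDHE-ECDSA-AES256-GCM-SHA384",
    "ECDHE-RSA-AES256-GCM-SHA384",
    "ECDHE-ECDSA-AES256-SHA384",
    "ECDHE-RSA-AES256-SHA384",
    "ECDHE-ECDSA-AES256-GCM-SHA256",
    "ECDHE-RSA-AES256-GCM-SHA256",
    "ECDHE-ECDSA-AES256-SHA256",
    "ECDHE-RSA-AES256-SHA256",
    "DHE-RSA-AES256-GCM-SHA384",
    "DHE-RSA-AES256-GCM-SHA256",
    "DHE-RSA-AES256-SHA256",
    "ECDHE-ECDSA-AES128-GCM-SHA256",
    "ECDHE-RSA-AES128-GCM-SHA256",
    "ECDHE-ECDSA-AES128-SHA256",
    "ECDHE-RSA-AES128-SHA256",
    "ECDHE-ECDSA-AES128-SHA",
    "ECDHE-RSA-AES128-SHA",
    "DHE-RSA-AES128-GCM-SHA256",
    "DHE-RSA-AES128-SHA256",
    "DHE-RSA-AES128-SHA",
    // The static-RSA suites below give no forward secrecy; keep them only if
    // you still need very old clients. 3DES (DES-CBC3-SHA) was removed: it is
    // a 64-bit block cipher and is flagged as weak by SSL Labs.
    "AES256-GCM-SHA384",
    "AES256-SHA256",
    "AES128-GCM-SHA256",
    "AES128-SHA256",
    "AES128-SHA"
  ].join(':'),
  honorCipherOrder: true
}, express_app);

// running server
// The original commented out its own server.listen(443, ...) line and never
// started the plain-HTTP redirector at all.
insecureServer.listen(80);
server.listen(443, function () {
  console.log("Secure Express server listening on port 443 ");
});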