SYSTEM ADMIN BOOK
  • Hardware/Physical Machines
    • Physical Networking
      • Patch Panel
    • Hardware Devices
    • PC Build
    • RAID Configs
  • System Configuration
    • Windows
      • OneDrive for Business, Map as Network Drive in Windows
      • PDF Printer
      • Reset Windows Password
    • Linux
    • Mac
      • Factory Reset Mac Mini
      • Install FortiClient VPN
      • Remove FortiClient VPN for Macs
      • Setting Microsoft Teams Notifications in MacOS
      • Download and Install Whatsapp
  • Windows Server
    • Troubleshooting
      • 100% Disk Usage Issue
      • Maximum Path Length Limitation
    • Basic Configurations
      • Change Hostname
      • Change Default RDP Port
      • Create a User
      • Add user to Administrator group
      • Add user to Remote Desktop Users group
      • Allow log on locally - security policy setting
      • Allow Multiple Remote Desktop Connections
      • Enable Insure Guest Authentication
      • Shrink Partition
      • Extend Partition
    • FTP Server
      • Install FTP Server (IIS)
      • Create User Group
      • Add FTP Site (IIS)
      • User Isolation
      • Allow Firewall
      • FTP Client (FileZilla)
      • FTP Server (FileZilla)
      • Configure Passive Mode in FileZilla Server
      • Configuring Windows Firewall for FileZilla Server
      • FileZilla: Password reset
      • Generate a New Self-Signed Certificate
    • Group Policy
      • Block Access to the Control Panel for All Users
      • Create a Logon Banner (Legal Notice)
      • Enable / Disable Copy-Paste Policy
      • Disable Shutdown, Restart Options
      • Disable Multiple Session for Single User
      • Disable Automatic Lock Screen in Windows Server
    • Services
      • NSSM - the Non-Sucking Service Manager
      • Node-windows Library
    • Task Scheduler
      • Automate Program Execution
      • Restart Windows Server Daily
    • Auditing and Diagnostincs
      • Enabling the System Event Audit Log
      • Audit RDP Port Change Event
      • Check the read/write speed of your hard drive
      • Clear temp file and .trc file
    • Event Viewer
      • Restart / Shutdown Event
  • Control Panels
    • Plesk
      • Set Hard Quota on disk space for subscription(s)
      • Changing MX, A, and CNAME Records
      • Host Node.js Application
      • Add FTP account
      • Remove FTP account
      • Download a folder using Plesk File Manager
      • Install WordPress on domain using WP Toolkit
      • Change the name of a Subscription system user
      • Exporting and Importing Database Dumps
    • OVI Panel
      • DNS Zone Editor
    • SolidCP
      • Add a MS SQL database in SolidCP
    • cPanel
  • Virtualization
    • Proxmox VE
      • Introduction
      • Download Proxmox ISO
      • Prepare Installation Media
      • Launch Proxmox Installer
      • Create a VM
  • Web Servers
    • IIS
      • Install IIS
      • Configure Default Site
      • Application Pool
      • Installing PHP
      • Deploy a PHP Application
      • Deploying a Laravel app on Windows using IIS
      • Update PHP Version in IIS
      • Host a Node.js /w Next.js Application
    • JBoss
  • VPNs and Proxy Servers
    • Reverse Proxy
      • IIS - Node.js Application
  • Database Servers
    • MS SQL
      • Download and Install
      • Install SSMS
      • Uninstall an Instance of SQL Server
      • Enable SA Account
      • Change SA Account Password
      • Enable Network Access to SQL Express
      • Create and configure a user in MSSQL
      • Clear SQL Server Cache
      • Setting Infinite Timeout in SQL Server Contexts
      • Take SQL Server Database Offline
      • Memory configuration
  • Web Dev Stacks
    • MERN (w/ Next)
      • Build and Run Node.js Project with Next.js
  • IT Ticketing Systems
    • Jira Ticketing System
  • Linux Servers
  • AWS Environment
  • Azure Environment
  • Backup and Security
    • SSL Certificates
      • Types of SSL Certificates
      • IIS 10: Create CSR and Install SSL Certificate
      • IIS 7: Generate CSR for Wildcard SSL
      • IIS: Generate CSR for Multi-Domain SSL
      • OpenSSL: Generate CSR
      • IIS 10: How to Install and Configure Your SSL Certificate on Windows Server
      • IIS: Export Pfx using MMC
      • IIS: Import Pfx using MMC
      • IIS: Export Pfx using IIS Manager
      • IIS: Import Pfx using IIS Manager
      • cPanel: Export PFX
      • Godaddy-CPanel: Generate a CSR
      • Godaddy-CPanel: Install SSL Certificate
      • cPanel: Generate CSR
      • cPanel: Install SSL Certificate
      • cPanel: Install Let's Encrypt SSL
      • Plesk: Generate CSR
      • Plesk: Let's Encrypt SSL Installation
      • Plesk: Installing the SSL certificate
      • Plesk: Export Public & Private Key
      • Win-ACME Let's Encrypt SSL
      • Certbot - Install SSL
      • Export Leaf, Root, and Intermediate Files
      • XAMPP - Let's Encrypt SSL Installation
      • JBoss Web Server: CSR Generation
      • JBoss: Install SSL Certificate
    • Backup
      • Database
        • MS SQL DB Backup
        • MS SQL Restore Backup
    • Microsoft Defender for Endpoint
      • Introduction & Licenses
    • Microsoft Intune - Endpoint Management
      • Product Introduction
      • Intune Policies for MacOS
      • Enroll your macOS device using the Company Portal app
    • Vulnerability Scanning
      • OpenVAS Quick Guide
      • Nessus Quick Guide
    • Acronis
      • Download and Install the Acronis Cyber Protection Agent
      • Performing a file-level backup
      • Creating a disk-level backup
      • Performing a file-level recovery
      • Enabling Active Protection and Vulnerability Assessment
  • Email and Office 365
    • Troubleshooting
      • Run a message trace in the Exchange admin center
      • Not receiving email
      • Office 365 Apps Activation Error
      • Gmail Issue: Clearing Cache and Cookies
      • Excel worksheet, right click insert not functioning
      • Microsoft 365 Apps activation error: “Your organization has disabled this device”
    • Hybrid Mail Setup
      • Set Up Connectors Between Microsoft 365 and SmarterMail
    • Email Authentication
      • Protocols
    • Mail Clients
      • Outlook
        • Maximum number of Exchange accounts in an Outlook profile
        • Enable automatic forwarding in new Outlook
        • Add Email Signature
        • Create Email Singature
        • Gmail Account Login in Outlook
        • Enable desktop notifications for Outlook on the Web (OWA) in Windows
      • Apple Mail
        • Add email accounts in Mail on Mac
        • Add Mail Signatures
      • Gmail
        • Mail Forwarding to Another Account
        • Set Up an Auto-Reply (Vacation Responder) in Gmail
    • Office 365
      • Intro & Subscriptions
      • How to Create a Trial Account
      • How to Access the Office 365 Admin Center
      • Creating a Tenant
      • Create Users
      • Add several users at the same time to Microsoft 365
      • Creating & Managing Roles
      • Add a Domain
      • Manage MFA
      • Let users reset their own passwords
      • Assign Global Admin Roles
      • Create APP Password
      • Change a user name and email address
      • Reset MFA for Microsoft 365 User
      • Configure email forwarding
      • Add email aliases to a user
      • Change Username or Email Address
      • Export Mailbox to PST From Office 365
      • Import PST to Exchange Online (Microsoft O365)
      • Enable archive mailboxes for Microsoft 365
      • Grant Export Permission in M365 Compliance Center
      • Generate Transfer Token
    • Google Workspace
      • Intro & Plans
      • Create your Google Workspace trial account
      • Review your DNS records
      • Adding Users
      • Create organizational units
      • Restrict access to a Google Workspace service
      • Edit user attributes
      • Manage user accounts
      • Suspend a User
      • Generate a Transfer Token
      • Reduce Licenses in Google Workspace
      • Auto-forward From Google Workspace Using Routing
      • Recovering administrator access to your account
    • MailEnable
    • SmarterMail
      • SmarterMail Installation
      • SmarterMail Server Setup
      • Installation and Configuration (Practical)
      • Enable / Disable Domain in SmarterMail
      • Enable / Disable MFA for User Accounts
      • Create an Administrator User in SmarterMail
    • Microsoft Teams
      • Guest Access vs. External Access
      • Adding Guests To Microsoft Teams Team
      • Teams Chat DIfferent Domain: Enable External Access
      • Setup Teams Time Zone and Work Hours
      • Add Contact Numbers in Profile Page
    • Microsoft Defender for Office 365
      • Remove blocked users from the Restricted entities page
    • Microsoft Purview
      • Create a Retention Policy for Archiving in M365
  • DevOps
  • Firewalls and Access Points
    • Windows Firewall
      • Allow Ports on Windows Firewall
    • Sophos Firewall
      • Set up a new firewall with Sophos Central
      • Enable Sophos Central management of Sophos Firewall
  • Networking
    • Troubleshooting
    • Cisco Router Config
    • Cisco Switch Config
      • Basic Data and Voice VLAN Setup Homelab
  • Migration
    • Drive Migration
      • Google Drive to One Drive
      • One Drive to One Drive [SharePoint Migration Tool]
      • Migrate Google files to Microsoft 365 for business
    • Mail Migration
      • Google Workspace to Office 365 (Manual Method)
      • Google Workspace to Office 365 (Automatic Method)
      • IMAP to Office 365
      • Migration Using PST File Method
      • Office 365 to Google Workspace Migration
      • G-Suite to G-Suite Migration
    • VM Migration
    • Website Migration
      • Migrating IIS Sites Using Web Deploy
      • Plesk to Plesk Migration
    • Database Migration
  • Monitoring
    • Prometheus
      • Monitoring Windows Servers Using Prometheus
    • Grafana
      • Visualize Data in Grafana
    • Loki
  • Data Center
    • HPE ProLiant ILO Configuration
  • Other Technologies
    • Some R&Ds
      • Active vs. Passive Mode in FTP
      • IIS Recycling and Virtual Memory Limit
      • IIS Application Pool
Powered by GitBook
On this page
  • Reverse-Proxying Node.js Apps on Windows with IIS
  • REFERENCES

Was this helpful?

  1. VPNs and Proxy Servers
  2. Reverse Proxy

IIS - Node.js Application

PreviousReverse ProxyNextDatabase Servers

Last updated 3 months ago

Was this helpful?

Reverse-Proxying Node.js Apps on Windows with IIS

You can run Node.js apps on Windows with the added layer of a reverse-proxy with the built-in web service manager IIS. Together with a process manager like PM2, it’s a viable strategy to run apps for production.

Why use a reverse proxy?

Another big benefit is being able to redirect traffic to appropriate web services by using URL rules. Let’s explore this last benefit further.

Run a Node.js web service

If you already have a running Node.js app that you want to use, you can skip this step. Otherwise, let’s create a really simple Node.js web server that will reply to HTTP requests.

  1. Create a new directory and initialize an npm project within it. Make sure the name of the directory makes sense in relation to the name of the app. In this case, we’re just making a simple test app.

mkdir testapp
cd testapp
npm init -y

  1. Install Fastify. It is a fast and low-overhead web framework for Node.js.

npm i fastify

  1. Create a file called server.js with the following contents.

const fastify = require("fastify")({ logger: true });

fastify.get("/", async () => {
  return { hello: "world" };
});

const start = async () => {
  try {
    await fastify.listen(process.env.PORT || 3000);
  } catch (err) {
    fastify.log.error(err);
    process.exit(1);
  }
};

start();

  1. Run the server and check if it responds correctly in your browser. By default, it will listen on port 3000.

node server

Manage your Node.js web services with PM2

Again, if you already have this part taken care of, you can skip this step. Otherwise, let’s manage our service(s) with PM2. PM2 is an advanced process manager for production Node.js applications.

  1. Make sure you kill any running Node.js processes, such as the one we started in the last section.

  2. Install PM2.

npm i -g pm2

  1. Create a PM2 configuration file called ecosystem.config.js somewhere appropriate. This might be in the root of your server or in your user directory. This file will contain configuration for all of your Node.js web apps.

module.exports = {
  apps: [
    {
      name: "Test App",
      script: "path/to/testapp/server.js",
      env: {
        PORT: 3000,
      },
    },
  ],
};

You can put as many apps in here as necessary. Make sure they all have different PORT values. I recommend naming each app something useful that matches the app’s directory name. This makes management easier.

  1. Run PM2 and start the apps by using the ecosystem configuration.

pm2 start ecosystem.config.js

With the app up and running, head back to your web browser and make sure everything is still working.

It’s worth noting that any time you make a change to ecosystem.config.js, such as when you create a new Node.js app and you add it to the list, you can reload the configuration.

pm2 reload ecosystem.config.js

Turn on Internet Information Services

Running the application like this works great, but you’d ideally want a dedicated web server like IIS fielding your HTTP requests for all of the reasons mentioned earlier in this post. Here, we’ll set up directing traffic to appropriate Node.js web services by using URL rules.

IIS is a web server product from Microsoft that you can turn on in Windows 10.

  1. Click the Start button or press the Windows key. Type “Turn Windows features on or off” and press Enter. The Windows Features window appears.

  1. Check the box for Internet Information Services. The box will be filled in with a square, indicating that some features within it are selected. The features that are selected by default are fine. So just click OK.

Install Application Request Routing and URL Rewrite

These two products from Microsoft are essential to using IIS as a reverse proxy.

  1. Click the Start button or press the Windows key. Type “Microsoft Web Platform Installer” and press Enter.

  1. If a User Account Control box appears, click Yes. The Web Platform Installer window appears.

  1. In the search box in the upper right corner, type “Application Request Routing” and press Enter.

  2. Click the Add button in the row labeled Application Request Routing 2.5 with KB2589179. If there’s a newer version, you could choose that one instead, but this is the one I’m familiar with.

  3. Back in the search box, type “URL Rewrite” and press Enter.

  4. Click the Add button in the row labeled URL Rewrite 2.1.

  5. Click the Install button.

Set up a URL Rewrite rule

  1. Open IIS Manager by clicking Start or pressing the Windows key, typing “Internet Information Services” and pressing Enter. The manager window appears.

  1. In the Connections pane, click the arrow next to your PC’s name, then the arrow next to Sites. Finally, click on Default Web Site to select it.

  1. Double-click URL Rewrite to open its features. There will probably be no rules in place by default.

  1. In the Actions pane on the right, click Add Rule(s)…

  1. Click to select Reverse Proxy and then click OK.

You may see a message about enabling Application Request Routing. Go ahead and accept it.

  1. Enter the server name or IP address where HTTP requests will be forwarded. This is where your Node.js server is listening. If you set up your environment according to this guide, this will be localhost:3000. You can leave the other options set to their default and click OK.

We’re almost done. With that rule saved, IIS will proxy any traffic heading towards localhost to localhost:3000. You can test that in your web browser.

Notice we didn’t have to specify the port this time.

  1. To make management easier, let’s give this rule a name. Click to select the newly created rule, then click Rename under Inbound Rules on the right.

Name it “Test App” or something else appropriate. I recommend naming it exactly the same as the name in your PM2 configuration.

  1. With the rule still selected, click Edit… under Inbound Rules on the right.

  1. In the Pattern box, type testapp/?(.*) and click Apply. You can replace testapp with whatever you like, but I recommend naming it similar to the Node.js app directory, the PM2 name, and the URL Rewrite rule.

Load up the web browser one more time and check it out.

REFERENCES

Having a dedicated web server like IIS fielding your HTTP requests makes things more manageable and enables standard web server features like SSL termination, compression, and load balancing. For more information, I recommend Thomas Hunter II’s post “”

Make sure IIS is up and running by starting your web browser and navigating to . If a site appears similar to the one below, you’re in business.

Note: If you do not have it installed, you can download .

This is great, except when you have multiple Node.js apps running and you want to direct users to the correct one based on the URL they are visiting. In our case, we want any user who visits to see our Node.js test app.

Now any request to any any URLs deeper in that path will be proxied to our Node.js app.

Why should I use a Reverse Proxy if Node.js is Production-Ready?
http://localhost
Web Platform Installer from Microsoft
http://localhost/testapp
http://localhost/testapp
https://travishorn.com/reverse-proxying-node-js-apps-on-windows-with-iis-acee318b6759