I am hosting a NodeJS app on a Windows Server via IIS using iisnode. The app has Express routes and when I launch the app on the server via node (ex. NPM Start), it executes the Get routes without issue.
However, when running through IIS, it has a 404 for the routes. It loads the main page and page running Swagger without issue... but any Get route that is executed generates a 404. The IIS_IUSRS account has full control of the whole app folder. I suspect it is something in the web.config not properly rewriting for the Get routes (I had thought this occurs by default).
Here is my web.config:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<handlers>
<add name="iisnode" path="server.js" verb="*" modules="iisnode" />
</handlers>
<rewrite>
<rules>
<rule name="LogFile" patternSyntax="ECMAScript" stopProcessing="true">
<match url="^[a-zA-Z0-9_\-]+\.js\.logs\/\d+\.txt$"/>
</rule>
<rule name="NodeInspector" patternSyntax="ECMAScript" stopProcessing="true">
<match url="^server.js\/debug[\/]?"/>
</rule>
<rule name="StaticContent">
<action type="Rewrite" url="public{REQUEST_URI}"/>
</rule>
<rule name="DynamicContent">
<conditions>
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="True"/>
</conditions>
<action type="Rewrite" url="server.js"/>
</rule>
</rules>
</rewrite>
<iisnode nodeProcessCommandLine="C:\Program Files\nodejs\node.exe" />
<security>
<requestFiltering>
<hiddenSegments>
<add segment="node_modules" />
</hiddenSegments>
<verbs>
<add verb="GET" allowed="true" />
<add verb="POST" allowed="true" />
<add verb="PUT" allowed="true" />
<add verb="DELETE" allowed="true" />
</verbs>
</requestFiltering>
</security>
</system.webServer>
</configuration>
Here is my server.js (I have tried the port with or without 3000 (ex. const port = process.env.PORT) but no difference in behavior):
// MODULES AND REQUIRES
const express = require("express");
const app = express();
const path = require('path');
const swaggerJsDoc = require("swagger-jsdoc");
const swaggerUi = require("swagger-ui-express");
const objectMapper = require('object-mapper');
const cors = require('cors');
// Require Routes
var api1 = require('./routes/api1.js')
var api2 = require('./routes/api2.js')
// PORTS AND BASIC EXPRESS APP SETTINGS
const port = process.env.PORT || 3000;
// CORS ALLOW ALL. NOTE IP RESTRICTIONS ARE IN PLACE
app.use(cors({
origin: '*'
}));
// ignore request for FavIcon. so there is no error in browser
const ignoreFavicon = (req, res, next) => {
if (req.originalUrl.includes('favicon.ico')) {
res.status(204).end();
}
next();
};
// Configure nonFeature
app.use(ignoreFavicon);
// Root Route - Serve Static File
app.get('/', (req, res) => {
res.sendFile(path.join(__dirname, '/public/client.html'));
});
// SWAGGER UI CONFIGURATION
// Primary Swagger Options
const options = {
customCss: '.swagger-ui .topbar { display: none } .swagger-ui .scheme-container { display: none }'
};
// Custom Swagger Options: https://swagger.io/specification/#infoObject
const swaggerOptions = {
swaggerDefinition: {
info: {
version: "2.0.0",
title: "My App",
description: "This page lists the available APIs within my app and allows you to test them.",
contact: {
name: "My Name"
},
servers: [{"url":"http://localhost:3000", "description": "Development server"}]
}
},
// ['.routes/*.js'] Location for APIs
apis: ["./routes/*.js"],
};
const swaggerDocs = swaggerJsDoc(swaggerOptions);
app.use("/api-docs", swaggerUi.serve, swaggerUi.setup(swaggerDocs, options));
// ROUTES
app.use('/api1', api1)
app.use('/api2', api2)
// APP LISTEN WITH SSL/HTTPS
app.listen(port, () => {
console.log(`Server listening on port ${port}`);
});
I have been able to resolve this by running a reverse proxy and setting Node to run over Port 3000. For the SSL address, I needed to also add the certificate in the Node app.