nginx

Enabling TLS 1.3 SSL on a NGINX Website (Ubuntu 16.04 server) that is using Cloudflare

April 5, 2018 by Simon Leave a Comment

This guide will show you how to enable the latest Transport Layer Security (TLS) 1.3 protocol with it’s predecessor Secure Sockets Layer (SSL) with NGINX and OpenSSL for better website security on an Ubuntu 16.04 server

I have a number of guides on moving hasting away form CPanel, Setting up VM’s on AWS, Vultr or Digital Ocean along with installing and managing WordPress from the command line. Making sure your server is up to date and running the latest SSL software is important. I have updated Open SSL before and blogged about this here. Do backup your server before changing settings and if you use Cloudflare (if you don’t do it now) enable Development Mode (and disable caching until changes are made).

TLS 1.3 is the latest SSL security protocol that can be used between clients and servers to encrypt connections on the web.

TLS 1.3 uptake is only 60% according to https://caniuse.com/#search=TLS%201.3

Read why TLS 1.3 is important and news on TLS 1.3 can be found here: https://www.openssl.org/blog/blog/2018/02/08/tlsv1.3/

Open SSL

Connect to your Ubuntu 16.04 server via SSH (I connected to my Vultr server)

Check what version of OpenSSL you have? My OpenSSL is out of date.

# openssl version
OpenSSL 1.1.0g  2 Nov 2017

1 2	# openssl version OpenSSL 1.1.0g 2 Nov 2017

Tip: What Ciphers does your Open SSL Support?

openssl ciphers -s -v
ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH       Au=RSA  Enc=AESGCM(256) Mac=AEAD
ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=CHACHA20/POLY1305(256) Mac=AEAD
ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=RSA  Enc=CHACHA20/POLY1305(256) Mac=AEAD
DHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=DH       Au=RSA  Enc=CHACHA20/POLY1305(256) Mac=AEAD
ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(128) Mac=AEAD
ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(128) Mac=AEAD
DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH       Au=RSA  Enc=AESGCM(128) Mac=AEAD
ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AES(256)  Mac=SHA384
ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AES(256)  Mac=SHA384
DHE-RSA-AES256-SHA256   TLSv1.2 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA256
ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AES(128)  Mac=SHA256
ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AES(128)  Mac=SHA256
DHE-RSA-AES128-SHA256   TLSv1.2 Kx=DH       Au=RSA  Enc=AES(128)  Mac=SHA256
ECDHE-ECDSA-AES256-SHA  TLSv1 Kx=ECDH     Au=ECDSA Enc=AES(256)  Mac=SHA1
ECDHE-RSA-AES256-SHA    TLSv1 Kx=ECDH     Au=RSA  Enc=AES(256)  Mac=SHA1
DHE-RSA-AES256-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA1
ECDHE-ECDSA-AES128-SHA  TLSv1 Kx=ECDH     Au=ECDSA Enc=AES(128)  Mac=SHA1
ECDHE-RSA-AES128-SHA    TLSv1 Kx=ECDH     Au=RSA  Enc=AES(128)  Mac=SHA1
DHE-RSA-AES128-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(128)  Mac=SHA1
AES256-GCM-SHA384       TLSv1.2 Kx=RSA      Au=RSA  Enc=AESGCM(256) Mac=AEAD
AES128-GCM-SHA256       TLSv1.2 Kx=RSA      Au=RSA  Enc=AESGCM(128) Mac=AEAD
AES256-SHA256           TLSv1.2 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA256
AES128-SHA256           TLSv1.2 Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA256
AES256-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA1
AES128-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA1

openssl ciphers -s -v

ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) Mac=AEAD

ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD

DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(256) Mac=AEAD

ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=ECDSA Enc=CHACHA20/POLY1305(256) Mac=AEAD

ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=RSA Enc=CHACHA20/POLY1305(256) Mac=AEAD

DHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=DH Au=RSA Enc=CHACHA20/POLY1305(256) Mac=AEAD

ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(128) Mac=AEAD

ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD

DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(128) Mac=AEAD

ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA384

ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384

DHE-RSA-AES256-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(256) Mac=SHA256

ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA256

ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA256

DHE-RSA-AES128-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(128) Mac=SHA256

ECDHE-ECDSA-AES256-SHA TLSv1 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA1

ECDHE-RSA-AES256-SHA TLSv1 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA1

DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1

ECDHE-ECDSA-AES128-SHA TLSv1 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA1

ECDHE-RSA-AES128-SHA TLSv1 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA1

DHE-RSA-AES128-SHA SSLv3 Kx=DH Au=RSA Enc=AES(128) Mac=SHA1

AES256-GCM-SHA384 TLSv1.2 Kx=RSA Au=RSA Enc=AESGCM(256) Mac=AEAD

AES128-GCM-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AESGCM(128) Mac=AEAD

AES256-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA256

AES128-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA256

AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1

AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1

Time to update Open SSL

OpenSSL 1.1.1 beta is available and supports TLS 1.3 but it is n BETA form. OpenSSL code is available here.

I did the following to download and build the latest version of OpenSSL.

mkdir /openssltemp
cd /openssltemp
sudo git clone git://git.openssl.org/openssl.git
cd openssl/
./config --prefix=/usr/local/ssl --openssldir=/usr/local/ssl -Wl,-rpath,/usr/local/ssl/lib
make
sudo make install

mkdir /openssltemp

cd /openssltemp

sudo git clone git://git.openssl.org/openssl.git

cd openssl/

./config --prefix=/usr/local/ssl --openssldir=/usr/local/ssl -Wl,-rpath,/usr/local/ssl/lib

make

sudo make install

I tried to check the open SSL version but had an error?

openssl version 
openssl: /usr/lib/x86_64-linux-gnu/libssl.so.1.1: version `OPENSSL_1_1_1' not found (required by openssl)
openssl: /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1: version `OPENSSL_1_1_1' not found (required by openssl)

openssl version

openssl: /usr/lib/x86_64-linux-gnu/libssl.so.1.1: version `OPENSSL_1_1_1' not found (required by openssl)

openssl: /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1: version `OPENSSL_1_1_1' not found (required by openssl)

A quick GitHub ticket revealed I needed to set a path variable.

export LD_LIBRARY_PATH=/usr/local/lib
echo "export LD_LIBRARY_PATH=/usr/local/bin/openssl" >> ~/.bashrc

1 2	export LD_LIBRARY_PATH=/usr/local/lib echo "export LD_LIBRARY_PATH=/usr/local/bin/openssl" >> ~/.bashrc

Open SSL now reports it’s version.

openssl version
OpenSSL 1.1.1-pre3 (beta) 20 Mar 2018

1 2	openssl version OpenSSL 1.1.1-pre3 (beta) 20 Mar 2018

What version NGINX do you have (1.13 supports TLS 1.3) read here

# nginx -v
nginx version: nginx/1.13.9

1 2	# nginx -v nginx version: nginx/1.13.9

Backup your NGINX

Do backup your server files and take a snapshot if need be. I am not responsible;e for a broken server,

sudo cp -R /etc/nginx/ /nginx-backup-26thMar-2018

1	sudo cp -R /etc/nginx/ /nginx-backup-26thMar-2018

Edit NGINX Configuration

Update NGINX configuration: /etc/nginx/sites-available/default

ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ecdh_curve secp384r1;

ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256;

ssl_prefer_server_ciphers on;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;

ssl_ecdh_curve secp384r1;

tip: Review other NGINX hardening settings here. Also remove TLSv1.0

I tested my NGINX config loaded them and restarted NGINX

nginx -t
nginx -s reload
/etc/init.d/nginx restrat

nginx -t

nginx -s reload

/etc/init.d/nginx restrat

Check the status of NGINX

# /etc/init.d/nginx status

[ ok ] Restarting nginx (via systemctl): nginx.service.
● nginx.service - A high performance web server and a reverse proxy server
   Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
   Active: active (running) 
     Docs: man:nginx(8)
  Process: 15154 ExecStop=/sbin/start-stop-daemon --quiet --stop --retry QUIT/5 --pidfile /run/nginx.pid (code=exited, status=0/SUCCESS)
  Process: 15162 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
  Process: 15159 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
 Main PID: 15166 (nginx)
    Tasks: 4
   Memory: 2.3M
      CPU: 27ms
   CGroup: /system.slice/nginx.service
           ├─15166 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
           ├─15170 nginx: worker process
           ├─15171 nginx: cache manager process
           └─15172 nginx: cache loader process

# /etc/init.d/nginx status

[ ok ] Restarting nginx (via systemctl): nginx.service.

● nginx.service - A high performance web server and a reverse proxy server

Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)

Active: active (running)

Docs: man:nginx(8)

Process: 15154 ExecStop=/sbin/start-stop-daemon --quiet --stop --retry QUIT/5 --pidfile /run/nginx.pid (code=exited, status=0/SUCCESS)

Process: 15162 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)

Process: 15159 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)

Main PID: 15166 (nginx)

Tasks: 4

Memory: 2.3M

CPU: 27ms

CGroup: /system.slice/nginx.service

├─15166 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;

├─15170 nginx: worker process

├─15171 nginx: cache manager process

└─15172 nginx: cache loader process

If you have configured Cloudflare then log in and enable TLS support.

Enable TLS 1.3 in Chrome by visiting chrome://flags/#tls13-variant This should be automatic in later versions of Chrome and other browsers.

Verify TLS

I used the developer tools in Chrome to confirm the page was verified in TLS 1.3.

Updated to 1.1.1-pre6-dev

mkdir /temp
cd /temp
sudo git clone https://github.com/openssl/openssl.git
cd openssl/
./config --prefix=/usr/local --openssldir=/usr/local -Wl,-rpath,/usr/local
make
sudo make install
openssl
OpenSSL> version
OpenSSL 1.1.1-pre6-dev  xx XXX xxxx
OpenSSL> exit

mkdir /temp

cd /temp

sudo git clone https://github.com/openssl/openssl.git

cd openssl/

./config --prefix=/usr/local --openssldir=/usr/local -Wl,-rpath,/usr/local

make

sudo make install

openssl

OpenSSL> version

OpenSSL 1.1.1-pre6-dev xx XXX xxxx

OpenSSL> exit

Don’t forget to test your SSL strength with https://dev.ssllabs.com/ssltest/

I hope this guide helps someone.

Ask a question or recommend an article

Revision History

v1.2 ssl test v1.1 updated to 1.1.1-pre6-dev

v1.0 Initial post

How to setup a twitter feed API endpoint in NodeJS with NGINX, Ruby and T etc

September 17, 2017 by Simon 1 Comment

This is how I set up a twitter feed API endpoint in NodeJS with NGINX, Ruby and T etc. This can be used to integrate SEO or automate Twitter post analytics or automate posts to twitter.

This guide assumes you have an Ubuntu server, nodejs (nginx) and setup ruby, rails and t twitter command line utility setup. Also, you will need to have an API setup and working

Ensure your API is configured in NGINX /etc/nginx/sites-available/default

server {
...
	location /api/appname/v1 {
		#rewrite ^/api(.*) /$1 break;
		proxy_set_header X-Real-IP $remote_addr;	
		# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_set_header X-Forwarded-For $remote_addr;
		proxy_http_version  1.1;
		proxy_set_header Upgrade $http_upgrade;
		proxy_set_header Connection $connection_upgrade;
		proxy_set_header Proxy "";
		proxy_set_header Host $http_host;
		root /code/nodejs/appname;
		proxy_pass http://appnmaeapi;
	}
	...
}

server {

...

location /api/appname/v1 {

#rewrite ^/api(.*) /$1 break;

proxy_set_header X-Real-IP $remote_addr;

# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_set_header X-Forwarded-For $remote_addr;

proxy_http_version 1.1;

proxy_set_header Upgrade $http_upgrade;

proxy_set_header Connection $connection_upgrade;

proxy_set_header Proxy "";

proxy_set_header Host $http_host;

root /code/nodejs/appname;

proxy_pass http://appnmaeapi;

}

...

}

I set up a placeholder GET routine in my node process that we will be used to communicate with the Twitter command line utility.

app.get('/api/appname/v1/feed/twitter/',function(req,res){
	var data = { "Feed":"" };
	data["Feed"] = "Working v0.1";
	res.json(data);
});

app.get('/api/appname/v1/feed/twitter/',function(req,res){

var data = { "Feed":"" };

data["Feed"] = "Working v0.1";

res.json(data);

});

I started 1 instance of the API on a server with pm2 linked to https://keymetrics.io/.

sudo pm2 start /noejs/app01/app.js -i 1 --name "appname"

1	sudo pm2 start /noejs/app01/app.js -i 1 --name "appname"

View API Status with PM2

sudo pm2 status
● Agent Online | Dashboard Access: https://app.keymetrics.io/#/r/######### | Server name:appname-######
┌────────────┬────┬─────────┬──────┬────────┬─────────┬────────┬─────┬───────────┬──────┬──────────┐
│ App name   │ id │ mode    │ pid  │ status │ restart │ uptime │ cpu │ mem       │ user │ watching │
├────────────┼────┼─────────┼──────┼────────┼─────────┼────────┼─────┼───────────┼──────┼──────────┤
│appname │ 0  │ cluster │ 5480 │ online │ 0       │ 87s    │ 0%  │ 35.1 MB   │ apiuser │ disabled │

sudo pm2 status

● Agent Online | Dashboard Access: https://app.keymetrics.io/#/r/######### | Server name:appname-######

┌────────────┬────┬─────────┬──────┬────────┬─────────┬────────┬─────┬───────────┬──────┬──────────┐

│ App name │ id │ mode │ pid │ status │ restart │ uptime │ cpu │ mem │ user │ watching │

├────────────┼────┼─────────┼──────┼────────┼─────────┼────────┼─────┼───────────┼──────┼──────────┤

│appname │ 0 │ cluster │ 5480 │ online │ 0 │ 87s │ 0% │ 35.1 MB │ apiuser │ disabled │

You can restart the API manually with PM2 by typing

sudo pm2 restart "appname"

1	sudo pm2 restart "appname"

I like to use https://paw.cloud/ software to test API’s over say Postman, I can easily see the test placeholder API is working.

The browser works for now but as soon as I add authentication the browser will fail, Paw FTW.

A simple way to authenticate the API is for the caller to pass a known token when requesting the page via an HTTP POST packet.

app.post('/api/appname/v1/feed/twitter/',function(req,res){
	var data = { "Status":"" };
	var wwxapi = req.headers['x-access-token'];
	var data = { "Feed":"" };
	var errData = "";
	if (wwxapi == undefined) {
		console.log(" 499 token required");
		errData = {"Status": "499", "Error": "valid token required"};
		res.statusCode = 499;
		res.send(errData);
		res.end();
	} else {
		var xpikeypass = false;
		// Check the API Key against known API Keys
		if (wwxapi == "appname-##############################") { xpikeypass = true;} // Debug API Key
		if (xpikeypass == true) {
			//  app request validated

			data["Feed"] = "Twitter Feed API Working v0.2";
			res.json(data);

		} else {
			console.log("499 token required");
			errData = {"Status": "499", "Error": "valid token required"};
			res.statusCode = 409;
			res.send(errData);	
			res.end();
		}
	}
});

app.post('/api/appname/v1/feed/twitter/',function(req,res){

var data = { "Status":"" };

var wwxapi = req.headers['x-access-token'];

var data = { "Feed":"" };

var errData = "";

if (wwxapi == undefined) {

console.log(" 499 token required");

errData = {"Status": "499", "Error": "valid token required"};

res.statusCode = 499;

res.send(errData);

res.end();

} else {

var xpikeypass = false;

// Check the API Key against known API Keys

if (wwxapi == "appname-##############################") { xpikeypass = true;} // Debug API Key

if (xpikeypass == true) {

// app request validated

data["Feed"] = "Twitter Feed API Working v0.2";

res.json(data);

} else {

console.log("499 token required");

errData = {"Status": "499", "Error": "valid token required"};

res.statusCode = 409;

res.send(errData);

res.end();

}

});

Don’t forget to restart the API after changes

sudo pm2 restart "appname"

1	sudo pm2 restart "appname"

Now we can change the API endpoint to a POST (instead of GET) and paste the code above and test it. If we pass an invalid “x-access-token” value the API will return error 409 as designed.

Passing the right “x-access-token” will return data (200 OK).

Now we can link the Twitter command line utility with the NodeJS API.

app.post('/api/appname/v1/feed/twitter/',function(req,res){
	var data = { "Status":"" };
	var wwxapi = req.headers['x-access-token'];
	var data = { "Feed":"" };
	var errData = "";
	if (wwxapi == undefined) {
		console.log(" 499 token required");
		errData = {"Status": "499", "Error": "valid token required"};
		res.statusCode = 499;
		res.send(errData);
		res.end();
	} else {
		var xpikeypass = false;
		// Check the API Key against known API Keys
		if (wwxapi == "appname-##############################") { xpikeypass = true;} // Debug API Key
		if (xpikeypass == true) {
			//  app request validated

			var result = require('child_process').execSync('/theuserwithrubyinstalled/.rbenv/shims/t search all "lang:en nodejs" --csv').toString();
			data["Feed"] = result;

			res.json(data);

		} else {
			console.log("499 token required");
			errData = {"Status": "499", "Error": "valid token required"};
			res.statusCode = 409;
			res.send(errData);	
			res.end();
		}
	}
});

app.post('/api/appname/v1/feed/twitter/',function(req,res){

var data = { "Status":"" };

var wwxapi = req.headers['x-access-token'];

var data = { "Feed":"" };

var errData = "";

if (wwxapi == undefined) {

console.log(" 499 token required");

errData = {"Status": "499", "Error": "valid token required"};

res.statusCode = 499;

res.send(errData);

res.end();

} else {

var xpikeypass = false;

// Check the API Key against known API Keys

if (wwxapi == "appname-##############################") { xpikeypass = true;} // Debug API Key

if (xpikeypass == true) {

// app request validated

var result = require('child_process').execSync('/theuserwithrubyinstalled/.rbenv/shims/t search all "lang:en nodejs" --csv').toString();

data["Feed"] = result;

res.json(data);

} else {

console.log("499 token required");

errData = {"Status": "499", "Error": "valid token required"};

res.statusCode = 409;

res.send(errData);

res.end();

}

});

Now we can test the NodeJS API and have is spawn a subprocess and hit Twitter. In this case, we are finding the latest posts on Twitter with NodeJS in them.

Works a treat 🙂

Up next

Schedule getting data from the Twitter command line utility in crontab and save to Redis
Process the CSV and save new Twitter changes to Redis
Query Redis and send returned data back to the API.
Change the API to read from Redis in NodeJ.S
Secure.

Donate and make this blog better

Ask a question or recommend an article

v1.2 Works

Personal Development Blog

Coding for fun since 1996, Learn by doing and sharing.

Follow me on Twitter: @FearbySoftware

Old Hobby /blog/

nginx

Enabling TLS 1.3 SSL on a NGINX Website (Ubuntu 16.04 server) that is using Cloudflare

How to setup a twitter feed API endpoint in NodeJS with NGINX, Ruby and T etc

Popular

Security

Code

Tech

Wordpress

General

nginx

Footer

Popular

Security

Code

Tech

Wordpress

General