I just came across this article that basically says if you have 2 IP addresses, you can tell your server (through WHM) to ignore one of them, rebuild Apache, and then tell your Node.js server to listen on port 80 through the disabled IP address (i.e.: server.listen(80, '111.111.111.111') where the second parameter is the IP address).
This sounds super easy - easier to set up than this suggestion using nginx, at least - but one comment on the article concerns me about the first/easier approach. According to the poster:
Anyway you now have a service (a node server) running as ROOT (since port 80 is privileged and you have done nothing to separate out the privileges)
Is this a legitimate concern? No other comments even addressed this, so there's no validation on that thread. I can follow the steps for the second suggestion using nginx, but it requires editing my /etc/hosts file, and I'm hesitant to do that without having a better idea of what I'm doing.
Any suggestions would be welcome. I have 2 IP addresses on my VPS account, but I don't necessarily have a preference on where my Node.js app runs - it just needs to work for a single domain at this point.
Edit: This question was marked as duplicate of another question about best practices for running Node.js on port 80. That user specifically states that they're NOT trying to use Apache at the same time. I am trying to decide between using one IP address WITHOUT Apache (as that user has), vs. using my existing IP address WITH Apache and also nginx, as well as the security concerns for both.
