My Security concern while testing and result:
I have found that anyone can use your node server hosted on your website without your knowledge, they just need to know the url you hosted and the port number of the node. For example, Official M-Pedia is using
Web address:
https://wabeta.m-pedia.my.id on port number:3200 for hosting their demo.
My Test:
So, technically i tested and i am able to test/run this script without installing/starting node, go to "Setting Server" then select "Other" in "Server Type", Under 'Port Number JS" use 3200, under "Url Node" use
https://wabeta.m-pedia.my.id
DONE !! Now i am able to see scan code 24/7 without having to start or configure node on my server. I am even able to use the same through tunnel and access through temporary web address my local host and complete script without any problem and this is working even on mobile phone.
Note: i have tested this while using script on Localhost only.
So, this is solution for those who are using cheap shared hosting and don't have option to install Node Js in their web hosting server.
This is also the solution for those who don't know how to setup node and wanted to use the script with ease.
My concern:
But on the other hand this is very high concern for someone who is hosting this script on their expensive server, because if anyone knows your web address you are hosting the script and node port number you are using, then they can use your node server to host this script on their cheap server and your bandwidth for free of cost. !!
