I am working on MVC4 application. This is how my directory structure looks like:
App_Data
App_Start
Content
Controllers
Images
Models
node_modules
Scripts
Views
server.js //This is where my server script resides
Node.exe
This is how it all fits together:
Server.js is running on a server. User goes to a index.cshtml page and a connection to the server is created. If there are multiple users on the same page, they all can share data/thoughts etc. using "kind of" chat. each user's action is relayed to other connected users.
What i am wondering is how do i avoid someone directly pointing to my server.js file from the browser and view the content of it.
You appear to be running two separate web servers.
The first serves your MVC4 ASP files while the second serves your node.js application.
Placing the node.js files under the webroot of your ASP application makes them visible to browsers that visit your ASP application.
node.js is a web server in it's own right and does not require any other web server to operate.
I would move your node.js application outside of your ASP webroot. This will make its files inaccessible to browsers.