The server-side javascript of my app is in a file called "server.js". If anyone runs [app-name].rhcloud.com/server.js in the browser, he will be able to read all the information inside the file. So, how do we prevent this file from being public? There are some information inside it that can't just be public, like the password of the MySQL database, etc.