In Cloud Foundry (the open source technology behind Bluemix), when you do a cf push, Cloud Foundry will actually stop your app and restart it with the new code that you just uploaded. This presents an issue for a production app or any app that is actually serving users. There is a shortcoming with the current DEA (the part in Cloud Foundry that runs your app) but the next version of the DEA (Diego) will help address this.
Did you know in Bluemix you get inbound SSL for free? It is automatically turned on and enabled for every app. All you have to do is just access your app over https instead of http.
Developers don’t need to implement SSL in their app, you just need to support HTTP and the Bluemix infrastructure will support HTTPS for you and do SSL offloading.
Additionally Bluemix supports the x-forwarded-proto header to allow developers to check with protocol requests are coming in over.
Kraken.JS is a new wonderful framework wrapper around Express for Node.JS. It includes things such as pre-canned security settings, templating, and internationalization. While Express in Node allows you to customize these type of things its not the most fun thing or exciting thing to do. While security is very important in your app why should you have to write redundant code for this. The answer is you do not have to anymore.