Please enable JavaScript.

Coggle requires JavaScript to display documents.

Tech Reading (NodeJS (Security (Make NodeJS API secure (types of attack…

- - - - types of attack
        
        Denial-Of-Service (DOS) Attacks
        
        CrossSite Scripting XSS attacks
        
        Brute Force Attacks
        
        SQL/NoSQL injections
      - how to prevent
        
        DOS Attacks
        
        limit body payload using body-parser
        
        express-rate-limit dependency - you cand set max amount of requests per user
        
        XSS attacks
        
        sanitize user data on input (xss-clean package)
        
        use helmet - which is a series of middleware
        
        store JWT tokens in cookies rather than session
        
        Brute force attacks
        
        limit nr of ligin attemps (pin enters, passwords, etc)
        
        again, user express-rate-limit dependency
        
        bcrypt dependency (encrypts passwords and it makes it harder to guess)
        
        implement 2 step verif process
        
        SQL/NoSQL injection
        
        sanitize data
        
        mongoose (if mongoDB)