Secure Your Node.js Web Application: Keep Attackers Out and Users Happy
- Length: 200 pages
- Edition: 1
- Language: English
- Publisher: Pragmatic Bookshelf
- Publication Date: 2016-01-07
- ISBN-10: 1680500856
- ISBN-13: 9781680500851
- Sales Rank: #1261066 (See Top 100 Books)
Cyber-criminals have your web applications in their crosshairs. They search for and exploit common security mistakes in your web application to steal user data. Learn how you can secure your Node.js applications, database and web server to avoid these security holes. Discover the primary attack vectors against web applications, and implement security best practices and effective countermeasures. Coding securely will make you a stronger web developer and analyst, and you’ll protect your users.
Bake security into your code from the start. See how to protect your Node.js applications at every point in the software development life cycle, from setting up the application environment to configuring the database and adding new functionality. You’ll follow application security best practices and analyze common coding errors in applications as you work through the real-world scenarios in this book.
Protect your database calls from database injection attacks and learn how to securely handle user authentication within your application. Configure your servers securely and build in proper access controls to protect both the web application and all the users using the service. Defend your application from denial of service attacks. Understand how malicious actors target coding flaws and lapses in programming logic to break in to web applications to steal information and disrupt operations. Work through examples illustrating security methods in Node.js. Learn defenses to protect user data flowing in and out of the application.
By the end of the book, you’ll understand the world of web application security, how to avoid building web applications that attackers consider an easy target, and how to increase your value as a programmer.
What You Need:
In this book we will be using mainly Node.js. The book covers the basics of JavaScript and Node.js. Since most Web applications have some kind of a database backend, examples in this book work with some of the more popular databases, including MySQL, MongoDB, and Redis.
Table of Contents
Chapter 1. Meet Your Tools
Chapter 2. Set Up the Environment
Chapter 3. Start Connecting
Chapter 4. Avoid Code Injections
Chapter 5. Secure Your Database Interactions
Chapter 6. Learn to Do Things Concurrently
Chapter 7. Bring Authentication to Your Application
Chapter 8. Focus on Session Management
Chapter 9. Set Up Access Control
Chapter 10. Defend Against Denial-of-Service Attacks
Chapter 11. Fight Cross-Site Scripts
Chapter 12. Avoid Request Forgery
Chapter 13. Protect Your Data
Chapter 14. Secure the Existing Codebase