Web Development

3434 readers

1 users here now

Welcome to the web development community! This is a place to post, discuss, get help about, etc. anything related to web development

What is web development?

Web development is the process of creating websites or web applications

Rules/Guidelines

Follow the programming.dev site rules
Keep content related to web development
If what you're posting relates to one of the related communities, crosspost it into there to help them grow
If youre posting an article older than two years put the year it was made in brackets after the title

Related Communities

Wormhole

!cool_github_projects@programming.dev

Some webdev blogs

Not sure what to post in here? Want some web development related things to read?

Heres a couple blogs that have web development related content

https://frontendfoc.us/ - [RSS]
https://wesbos.com/blog
https://davidwalsh.name/ - [RSS]
https://www.nngroup.com/articles/
https://sia.codes/posts/ - [RSS]
https://www.smashingmagazine.com/ - [RSS]
https://www.bennadel.com/ - [RSS]
https://web.dev/ - [RSS]

Credits

Icon base by Delapouite under CC BY 3.0 with modifications to add a gradient

founded 1 year ago

MODERATORS

snowe@programming.dev

erlingur@programming.dev

Ategon@programming.dev

How to keep my and my client's applications very secure? (chat-to.dev)

submitted 10 months ago by amargo85@lemmings.world to c/webdev@programming.dev

1 comments fedilink hide all child comments

These tips cover various aspects of web application security, but remember that security is an ongoing process. Stay informed about the latest threats and regularly update your security practices.

you are viewing a single comment's thread
view the rest of the comments

[–] dbx12@programming.dev 2 points 10 months ago

There are some good points in it but the list feels poorly written as it contains very general tips which feel like fluff to increase the article length like:

Protect the client-side against attacks.

Or just wrong stuff like:

Validate all server-side input data.

If you can trust someone, it's the server. You should validate data coming from the client on the server side.

Some things even contradict each other like

Implement strong authentication, such as two-factor authentication (2FA).

And

Use secure authentication mechanisms such as OAuth.

Assuming your app is an OAuth client, you have no say in how the identity provider identifies the user.

Good point, but even better than

Monitor file and source code integrity.

is having the application source code read-only, ideally owned by another user to avoid the confused deputy problem.