A good approach to implement end-to-end encryption for a groupchat application in Node.js?

I’m experimenting with a self-made groupchat application, similar to Slack. It currently has the notion of public channels, private channels and one-to-one channels, all using a common data structure ‘room’. To implement this application I’…

What is the best way to mitigate malicious bot traffic on a Node Express server?

My public website is getting a lot of get requests to endpoints like “wp-login.php”, “.env”, “.git/HEAD” and many others. This seems to be a non-trivial portion of my website’s traffic and I’d like to discourage it or at least reduce its i…

Is it safe to set rejectUnauthorized to false when using Heroku’s Postgres database?

I am trying to put some fields in a Postgres database hosted on a Heroku app and it keeps returning this error:

Error: self signed certificate
code: ‘DEPTH_ZERO_SELF_SIGNED_CERT’

I have tried adding a key, certificate, and CA bundle but…

Is it safe to encrypt a user’s third party API key with their own password?

I’m running a node application which needs to make calls to a third party API, on behalf of my user, using their own API keys.

API calls only need to be made on behalf of the user while they are logged into my site.

Currently I use bcry…

Counter-Strike Gets the RGB LED Treatment

Inspired by the over-the-top stage lighting and pyrotechnics used during e-sport events, [Hans Peter] set out to develop a scaled-down version (minus the flames) for his personal Counter-Strike: Global Offensive sessions. It might seem like pulling something like this off would involve hacking the game engine, but as it turns …

What is the best way to ensure the security of UDP connections and datagrams [closed]

In addition to encrypting each datagram's information, what other security mechanisms could I take into account, and which would be the worst risks?

I am creating a decentralized service discovery system, similar to old MDNS but without DNS m…

Automate Your Life with Node-RED (Plus a Dash of MQTT)

For years we’ve seen a trickle of really interesting home automation projects that use the Node-RED package. Each time, the hackers behind these projects have raved about Node-RED and now I’ve joined those ranks as well.

This graphic-based coding platform lets you quickly put together useful operations and graphic user …