Collaborate Disseminate
I’ve read bits around this, but I am curious should I be worried. I constantly am getting hit with random GET and POST requests from I guess just bots crawling the web trying to find vulnerabilities.
You can see below, the POST /GponForm/d… Continue reading Random endpoint getting pinged constantly on my server [duplicate]
From using Node.js for running an entire business, or just a personal home project, how secure really is it?
Having open ports, exposing the main file with personal info (nodemailer info, etc.) or anything else just seems like a bad idea.
… Continue reading How actually secure is Node.js? [closed]
I am very new to HTTP protocol and how it works. When you use http.createServer in Node.js, does it provide any protection against SYN flood attacks?
Node’s get started guide gives a easy to understand code. It gives you a request object b… Continue reading How to protect Node HTTP server from SYN flood attack?
I maintain several Angular apps, which contain thousands of dependencies on NPM packages. GitHub’s Dependabot notifies me of new known vulnerabilities every week (from the CVE database).
For example, Dependabot tells me that moment.js has … Continue reading Is there a database that classifies NPM library vulnerabilities as exploitable vs. benign in the browser?
I am currently creating an app to help with retail management. As you may be able to imagine, user authentication is of great importance as the app will store all kinds of sensitive information such as financial records, inventory status, … Continue reading A Hybrid Authentication method. (JWT, MFA, Cookies, Sessions) [closed]
I have a problem with hiding the VPS IP using Cloudflare. My IP can be found on search.censys.io. I don’t have any DNS leaks. I’m using nginx to reverse proxy a node.js server. Is it possible to hide the IP somehow to protect against DDoS … Continue reading Cloudflare not hide VPS IP (ngnix)
OK, I need some help with this:
I am creating a Node express API, and I want to support the following auth strategies:
Cookie or JWT based authentication that supports MFA (OTP, email, and SMS), for clients (web/mobile) that are internal…. Continue reading Options for various auth strategies for express API
Language used is Javascript.
For context, I am making a password manager where users can store different accounts of service and their passwords. The idea was to store multiple encrypted passwords in the database and decrypt them on the cl… Continue reading Storing encrypted password in database but decrypt it on the client side
I host my website by my own using droplet/VPS service and node.js server. My wesbite uses SSL Cert/HTTPS from LetsEncrypt, VPS service from DigitalOcean, domain registered from local vendor (RumahWeb) managed by CloudFlare.
My VPS server i… Continue reading Some ISP inject malware/ads into my website in the middle of transit
Which framework is good for backend cryptocurrency exchange? (laravel, django, node.js) in terms of scalability, security, …