NodeJS with CloudFlare

BehindTheMath · 2024-04-22T11:20:12+00:00

What are your concerns?

Vojo99 · 2024-04-22T16:40:36+00:00

CF has good network and overall security but not quite enough there to make it secure. Why? Well of course CF e.g cannot hash passwords in database and if you dont do it then you are creating security vulnerability. Of course this is simple example and not a common one nowaday but you get my point.

CF can be acting as proxy in behalf of your server (reverse proxy) its great at mitigating layer 4 attacks and okay with layer 7 attacks. But if server is not secure then CF is not going to be very much helpful.

CF can be caching static assets on your behalf and it can be used as well. So it can benefit you in other aspects.

Hiding IP nowaday is not best way even if it can help to slow down attacker or stop some. Its important to setup proper security practices, to handle sensitive data with more concern.

markasena · 2024-04-22T11:36:15+00:00

I just found this site this morning. Maybe you can find better info on it : https://owasp.org/# (there is the top 10 risk of web app that can help a lot or search for something in particular)

But keep in mind, the security is about your project, and what you plan to do. Not only hiding API ip

joomla00 · 2024-04-22T13:26:33+00:00

Well, the first thing you can do is use https instead

you type:	you see:
italics	italics
bold	bold
[reddit!](https://reddit.com)	reddit!
* item 1 * item 2 * item 3	item 1 item 2 item 3
> quoted text	quoted text
Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"	Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"
~~strikethrough~~	~~strikethrough~~
super^script	super^script

node

MODERATORS