This article is the second in my series of articles based on the frontend of the decentralised web. We’ll look at Web3.js & accessing the Ethereum Blockchain client-side, frontend security for DApps, how WebAssembly has become the “4th language of the web”, and we’ll build a realtime Blockchain explorer app with Phoenix LiveView!
Working for a security-focused company like Status means that security, in its many forms, is mentioned on a daily basis.
However, outside of Status, one of the broadest, most important, yet often ignored considerations when deploying and running web applications is the security of the app. When I use the term security, I’m not just speaking from a backend perspective, but also of the frontend of the application. Having good infrastructure security is highly important, but there are also security factors on the frontend of the application that we really must take into account.
Security is an ongoing, ever-changing practice that you must observe to ensure that your product is never among the companies that one hears about on the news after a huge data breach. Regardless of which programming paradigm, language or framework you wish to use, there are plenty of non-specific, terse security practices you should follow from the very start of the project.
In my last personal startup, we provided User Authentication as a Service, so we were a major target for hackers. On one of our first evenings live, we watched someone attempt to send 5 million malicious requests within 30 minutes, none of which had any effect other than exposing the hacker. This is because we made security a priority — which is something we all need to do in the modern world of Tech.
In this article, I’ll introduce you to my biggest tips for top to bottom (Frontend to Backend) security for your web applications. We’ll take a look at security for your DApps too!

Strict Transport Security (HSTS) ...