Ask HN: How do you test the security of your front-ends?

1 pointskevinSuttle8y ago3 comments

Looking for experience from the field in hardening web front-ends, specifically with custom API servers, and AWS infrastructure, to prevent tampering and DDOS.

3 comments

3 comments · 2 top-level

lvh8y ago· 1 in thread

Front-end means different things in different contexts. What do you mean exactly? Static JS code? Some web heads?

kevinSuttleOP8y ago

Static web files would be a good start. JS/CSS/HTML.

onion2k8y ago

There's a lot of great content out there. Start here: https://www.owasp.org/

tl;dr Don't trust anything that a web browser (or any client app) sends your servers. Treat data as actively hostile. Use high quality open source projects where you can because they've done all the hard learning for you.

j / k navigate · click thread line to collapse