You can use this service ssllabs.com/ssltest to search and look for security details about public websites like google.com. If you click on a search result, then you are getting a huge list of items that are relevant to security. It's crazy to implement each item, but it's worth it when apps and sites are growing.
Denny Trebbin
Lead Fullstack Developer. Experimenting with bleeding-edge tech. Irregularly DJ. Hobby drone pilot. Amateur photographer.
You can use this service ssllabs.com/ssltest to search and look for security details about public websites like google.com. If you click on a search result, then you are getting a huge list of items that are relevant to security. It's crazy to implement each item, but it's worth it when apps and sites are growing.
In case of doing something with Node.js, then I think this checklist blog.risingstack.com/node-js-security-checklist is easier to follow and understand.
PS: github.com/sindresorhus/awesome