Ways to secure your applications
- More than 70% of exploited applications are due to outdated dependencies. Ensure dependencies are up to date by using the latest packages and automating dependency management.
- Explicitly declare acceptable user payloads and use database-level constraints, like maximum column size, refusing null values, etc.
- Assert safe regular expressions.
- Limit requests by IP address or user agent.
- Store credentials outside your codebase, separating application configuration from code.
- Disable HTTP requests to your server unless very specific use cases demand it. Enable certificate checking for outgoing connections so that communication with third-party APIs or services are also secured by HTTPS.
Full post here, 9 mins read