Hello everyone! I have been working on my portfolio site and it is now live. It's a blog-based site where I will write about my web technologies. It's a full stack project, and it is my first one. Please give some feedback on it. To see my website, visit: https://iamismile.herokuapp.com
Now I'm going to talk a little bit about myself and my website. I'm new to web development. I have been learning web development for eight months. I have learned modern technologies: React.js, Node.js, Express, MongoDB, Mongoose. So I decided to build my own project, a big project, where I can learn more, apply my knowledge and face some real-world problems. I decided to build a blog site for myself where I can share my thoughts and which also helps me to find a good job.
Let's talk about my website's stack, design, features and security.
Stack:
The website is built with modern technologies. It is an API and server-side rendered website. To check my website API, visit: https://iamismile.herokuapp.com/api/v1/tidbits
- Client-side (i.e. frontend): HTML, CSS, JavaScript.
- Server-side (i.e. backend): Node.js (JavaScript runtime).
- Database: MongoDB (NoSQL).
- Image management: Cloudinary.
- Email services: SendGrid (for server-side), EmailJS (for client-side).
- Deployment & hosting: GitHub, Heroku.
- Web performance: Lighthouse in Chrome DevTools.
Design:
The website is designed with a mobile-first design. I try to keep all the pages simple and nice looking.
Features:
- RESTful API design with advanced features: filtering, sorting, pagination.
- Used MVC architecture.
- Complete modern authentication: login, password reset.
- Uploading files and Image processing.
- Send email with SendGrid and EmailJS.
- Advanced error handling.
- Used Markdown to write blogs.
- Code Style Practices: Used ESLint.
- Testing: For testing I used Postman(manual testing).
Security:
Security is an important thing for a website. So some security best practices for my website are given below:
- Compromised database: Strongly encrypted passwords & password reset tokens.
- Brute Force Attacks: Implement rate limiting.
- Cross-Site Scripting (XSS) Attacks: Sanitize input data.
- Denial of Service (DOS) Attacks: Implement rate limiting.
- NoSQL query injection.
- Use HTTPS.
- Random password reset token with expiry dates.
- Deny access to authenticated web pages after password reset.
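To illustrate three items from the list above (a stored reset token that is useless if the database leaks, a token expiry, and rejecting old sessions after a password reset), here is an added example that is not code from the site or its author. The function names, the 10-minute lifetime and the plain `user` object standing in for a Mongoose document are assumptions.

```javascript
// Added example, not the site's code. Helper names, the TTL and the plain
// `user` object (in place of a Mongoose document) are assumptions.
const { randomBytes, createHash, timingSafeEqual } = require('node:crypto');

const RESET_TTL_MS = 10 * 60 * 1000; // assumed 10-minute token lifetime

const sha256 = (value) => createHash('sha256').update(value).digest();

// Issue a token: the raw value is e-mailed to the user, only its hash is
// stored, so a database dump does not reveal a usable reset link.
function issueResetToken(user, now = Date.now()) {
  const rawToken = randomBytes(32).toString('hex');
  user.resetTokenHash = sha256(rawToken).toString('hex');
  user.resetTokenExpires = now + RESET_TTL_MS;
  return rawToken;
}

// Redeem a token: reject if none is pending, if it has expired, or if the
// hash of the presented value does not match (constant-time comparison).
// `newPasswordHash` is assumed to come from the app's password hasher.
function redeemResetToken(user, presentedToken, newPasswordHash, now = Date.now()) {
  if (!user.resetTokenHash || now > user.resetTokenExpires) return false;
  const stored = Buffer.from(user.resetTokenHash, 'hex');
  const presented = sha256(String(presentedToken));
  if (!timingSafeEqual(stored, presented)) return false;
  user.passwordHash = newPasswordHash;
  user.passwordChangedAt = now;       // used below to cut off old sessions
  user.resetTokenHash = undefined;    // single use: burn the token
  user.resetTokenExpires = undefined;
  return true;
}

// A session (or JWT) issued before the last password change is rejected,
// which denies access to authenticated pages after a reset.
function sessionStillValid(user, sessionIssuedAt) {
  return !user.passwordChangedAt || sessionIssuedAt >= user.passwordChangedAt;
}
```
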
Thanks for reading and stay tuned. Don't forget to give feedback.
Top comments (10)
Wow. It's very fast and nice looking
What about my blog? mzaini30.com. Hahahahhaha
Thanks. Your website is simple and nice.
Thanks
Welcome
Nice work buddy!
Thanks
Nice portfolio!
Thanks
Do you translate md to HTML for your blog?
Yes. I used the markdown-it parser for that.