DEV Community

Discussion on: Explain How I Secure my First Web-Application Like I Am Five

Sebastian Schürmanns

Hi Rhymes,

Thank you for those explanations, I like them! And yes, you are right, it might be a bit ambitious for a 5-year-old child. But anyway, I always felt that basic security measures for web-applications are super important and at the same time a bit hard to grasp. I think everybody should have the chance to build a (mostly) secure app independent from his level of coding-skills and even if you do not use one of the ready to go frameworks. So I tried with this post :)

rhymes

> I think everybody should have the chance to build a (mostly) secure app independent from his level of coding-skills and even if you do not use one of the ready to go frameworks.

I know this is not going to make me popular with people who don't like frameworks, but if there's one thing that frameworks should do well, it is to provide secure defaults and fewer ways to shoot yourself in the foot. They don't always do it, to be honest, and you can obviously achieve the same by composing various libraries, but still, frameworks are made of parts that, if used, have already solved most of the mentioned problems, especially input validation, CSRF and auth.

Django even has a bunch of automated reminders to check your security settings: docs.djangoproject.com/en/2.2/ref/...

Sebastian Schürmanns

You are right, that is a strong argument for using ready-to-go frameworks! Anyway, I usually work with microframeworks and there you pick your libraries manually, so I usually integrate CSRF-protection and validation myself. So one piece of advice might be to use big frameworks at first and move to small ones or self-coded applications if you feel firm with all those security measures. But even if the big frameworks do all that for you, you should still get familiar with the basics at some point (in my opinion :)

rhymes

Well said!