How secure is node.js and its server?
Question
Node.js provides us with a very easy way to create a quick server so we don't have to use other's such as Apache or IIS.
This sounds very good but... how secure is node.js server? Can we compare ISS or Apache with node.js which born just a few years ago ?
I've been reading similar questions and some posts about it and they don't seem to inspire much confidence in terms of security. Most of these post are not so recent. Has node.js improved its security during these last years to be able to be used in secure production sites?
It seems to be a large number of big companies making use of node.js but... is it needed an extra effort to secure a site?
I guess using some frameworks such as Express might help on this topic but I'm not sure until which extent.
1 answers
solution1
3 2014-08-19 06:15:05
Ultimately, Node.js is only as secure as the developers using it care it to be. The Node.js core itself is pretty robust and the team has been doing an incredible job tackling vulnerability issues efficiently. You can check the latest here .
As for building secure apps, I would recommend you try to know more about how to secure your apps from the start rather than later. You can find good resources at nodesecurity.io. One nice point to start is by checking this blog post on how to build secure expressjs apps (the fundamentals apply to any kind of framework)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.