Nodejs, Socket.io, Redis, Laravel - security?
Question
I'm using Laravel 5.1 for my backend and at the same time, I have Nodejs server running purely for socket.io and this is only for the 'news' table.
Basically, every single time an item is added to the news table in mySQL, Laravel broadcasts an event, which is caught by socket.io on the client and then socket.io sends off an AJAX call to the server API to retrieve the news item.
I am very new to Node.js and this is my first project actually using it. I was thinking about using pusher instead, for Real-time updates, but wanted to try something new and went for this setup.
So my question is, how secure is Node.js server in this scenario? It runs a very simple server at the moment as I said, which is solely for socket.io and nothing else. Are there any security measures I should take before the app goes LIVE?
1 answers
solution1
1 ACCPTED 2015-07-17 15:03:56
If you only use socket.io and your backend script in node only dispatches to the socket (and doesn't receive any data from the front end), you shouldn't have anything to worry about. You could also only dispatch to clients that have a PHP session, and for that you can use Redis between PHP & Node.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.