Studies have shown that cyber crimes are at an all-time high, and they are increasing as you read this.
And if you are a Game of Thrones fan, you might be more aware of this lately. If HBO can be hacked, your applications and mine are no exception.
As software programmers, it is our duty to take matters into our own hands and do something about it. Not everyone is a pro in security or knows how hackers work. But, at the very least, we can follow some best practices to mitigate such attacks and avoid them as much as possible. And trust me, they work.
So, let’s dive into some actionable items that you can follow to make your code more secure.
1. Trust nobody.
When writing code for web applications, do yourself a favor: trust nobody. In terms of data at least.
Whether the data comes from users or from your own servers, always validate it before it enters the application.
In the case of user input forms, validate each and every field. SQL injection and XSS attacks are dramatically increasing these days. So, make sure you validate each and every field on the form before you save the data to the server.
Even when the data is saved on the servers, do not trust it. Always sanitize the data coming from the servers.
If yours is a Node-based application, have a look at validator.js. It’s something you should start using right away.
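A dependency-free sketch of both halves of this advice, added here as an illustration (it is not code from the original post and does not use validator.js): every form field is checked against an allowlist rule, and data is encoded before it is rendered into HTML. The field names, rules and function names are assumptions made up for the example.

```javascript
// Added example: RULES, validateForm and escapeHtml are hypothetical names.
// Allowlist rules: describe what is accepted, reject everything else.
const RULES = {
  username: { required: true, max: 32, pattern: /^[A-Za-z0-9_]{3,32}$/ },
  email: { required: true, max: 254, pattern: /^[^\s@]+@[^\s@]+\.[^\s@]+$/ },
  age: { required: false, max: 3, pattern: /^[0-9]{1,3}$/ },
};

// Validate each and every field; unknown fields are errors, not ignored.
function validateForm(input) {
  const errors = [];
  const clean = {};
  for (const key of Object.keys(input)) {
    if (!Object.prototype.hasOwnProperty.call(RULES, key)) {
      errors.push({ field: key, message: "unexpected field" });
    }
  }
  for (const [name, rule] of Object.entries(RULES)) {
    const value = input[name];
    if (value === undefined || value === "") {
      if (rule.required) errors.push({ field: name, message: "required" });
    } else if (typeof value !== "string") {
      errors.push({ field: name, message: "must be a string" });
    } else if (value.length > rule.max) {
      errors.push({ field: name, message: "too long" });
    } else if (!rule.pattern.test(value)) {
      errors.push({ field: name, message: "invalid format" });
    } else {
      clean[name] = value; // only validated, known fields are passed on
    }
  }
  return { ok: errors.length === 0, errors, clean };
}

// Encode data for an HTML text or quoted-attribute context before rendering,
// even when it came from your own server or database.
const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}
```

Validation narrows what reaches the server, but SQL injection is still stopped at the query itself with parameterized statements, and XSS at output with encoding that matches the context.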
2. Minify and Obfuscate:
Below are some tools you can use to minify your code:
Below are some tools you can use to obfuscate your code:
3. Lint your code
And that is the very reason developers can accidentally introduce mistakes which can backfire on them.
Linting is a process through which you can have someone keep an eye on you and shout at you when you write something which you are not supposed to. Except it’s not a real person, but a tool at your disposal.
Some of the tools you can play around with are:
4. Always have the Strict mode on
Long story short, strict mode throws more exceptions. It does not allow us to take unsafe actions, like accessing or accidentally declaring global objects. Basically, it makes sure your code is well thought out.
5. Keep it simple
This is as true in the programming world as it is in real life. Always strive to keep things simple: your UI design, the overall architecture of your software. The more complexity you introduce in your app, the more vulnerable it will be, and the easier it will be for invaders to breach it.
These are some of the simplest yet effective action items you can follow to understand more about the technology you are working on and make your app less vulnerable to any kind of breach.
If you are curious about security, read more about Secure Sockets Layer (SSL) [here](http://ngninja.com/posts/how-secure-socket-layer-works).