Secure Your Node.js Web Application: Keep Attackers Out and Users Happy (Paperback)

Karl Duuna

  • Publisher: Pragmatic Bookshelf
  • Publication date: 2016-02-02
  • List price: $1,360
  • Sale price: $1,224 (10% off)
  • Language: English
  • Pages: 232
  • Binding: Paperback
  • ISBN: 1680500856
  • ISBN-13: 9781680500851
  • Related category: Node.js
  • Ships immediately (stock < 4)

Product description

Cyber-criminals have your web applications in their crosshairs. They search for and exploit common security mistakes in your web application to steal user data. Learn how you can secure your Node.js applications, database and web server to avoid these security holes. Discover the primary attack vectors against web applications, and implement security best practices and effective countermeasures. Coding securely will make you a stronger web developer and analyst, and you'll protect your users.

Bake security into your code from the start. See how to protect your Node.js applications at every point in the software development life cycle, from setting up the application environment to configuring the database and adding new functionality. You'll follow application security best practices and analyze common coding errors in applications as you work through the real-world scenarios in this book.

Protect your database calls from database injection attacks and learn how to securely handle user authentication within your application. Configure your servers securely and build in proper access controls to protect both the web application and all the users using the service. Defend your application from denial of service attacks. Understand how malicious actors target coding flaws and lapses in programming logic to break into web applications, steal information, and disrupt operations. Work through examples illustrating security methods in Node.js. Learn defenses to protect user data flowing in and out of the application.

By the end of the book, you'll understand the world of web application security, how to avoid building web applications that attackers consider an easy target, and how to increase your value as a programmer.

What You Need:

In this book we will mainly be using Node.js. The book covers the basics of JavaScript and Node.js. Since most web applications have some kind of database backend, examples in this book work with some of the more popular databases, including MySQL, MongoDB, and Redis.
