Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
As long as you don't deal with other peoples stuff - idc about security. Anyone can view/download anything from my webserver, search files in my games etc.
But when it comes to making an email list for example, those need to be secure. But I'm not good with that - and I don't really have such a project.. -
Quite a lot of time while bootstrapping. I'd say about a day for a simple scenario, a week for multiple authentication options, authorization management, seamless model deserialization / validation from user input.
This does not include securing the server itself. Stuff like setting up SSL, VPNs, DNS and the rest aren't really my turf so I won't even know when I'm doing something wrong in terms of security.
How bad is it? -
tahnik387587yI always use a high security standards for my websites. I used to tweak the security of the backend a lot. But now I use firebase most of the time, so that's taken care of.
-
I care a lot about security. I prefer taking a bit longer to be sure the code is safe.
But sometimes the client wants you to work with wordpress, I cant write code to make that more secure.
At my work Im forcing SSL, frameworks with safety features and multiple talks with fellow devs about the login structure and saving data to avoid any leaks. -
thiemok737yI try to always keep security in mind, when working on endpoints or ui. But if feel good security practices often neglected in education. Can anyone of you it-sec guys recommend a good in-depth read on what to keep an eye on during development?
-
Crablitz247yI only asked as I used to do security stuff (db access, CSRF and SQL injection protection) for my own web related projects but I've now pivoted to infosec. Responses were lovely. Dankeschön!
Related Rants
-
ahmedam23What only relying on JavaScript for HTML form input validation looks like
-
isaacWeisberg21Me and my wife are software engineers Started dating while doing a project together I guess you could say that...
-
JMoodyFWD48My "Coding Standards" for my dev team 1.) Every developer thinks or have thought their shit don't stink. If y...
Question - my field is information security (or cyber security if you want to think of me as a time lord), but I wanted to know;
Front end and back Devs, how much time do you spend on security issues and/or implementing security measures?
undefined
question
infosec
web development