Ways to secure your applications

  • More than 70% of exploited applications are due to outdated dependencies. Ensure dependencies are up to date by using the latest packages and automating dependency management.
  • Explicitly declare acceptable user payloads and use database-level constraints, like maximum column size, refusing null values, etc.
  • Assert safe regular expressions.
  • Limit requests by IP address or user agent.
  • Store credentials outside your codebase, separating application configuration from code.
  • Disable HTTP requests to your server unless very specific use cases demand it. Enable certificate checking for outgoing connections so that communication with third-party APIs or services are also secured by HTTPS.

Full post here, 9 mins read