Looking for experience from the field in hardening web front-ends, specifically with custom API servers, and AWS infrastructure, to prevent tampering and DDOS.
tl;dr Don't trust anything that a web browser (or any client app) sends your servers. Treat data as actively hostile. Use high quality open source projects where you can because they've done all the hard learning for you.
3 comments
[ 1.9 ms ] story [ 16.4 ms ] threadtl;dr Don't trust anything that a web browser (or any client app) sends your servers. Treat data as actively hostile. Use high quality open source projects where you can because they've done all the hard learning for you.