Attacks

XSS - Cross-Site Scripting

JavaScript injection.

CSRF / XSRF - Cross-Site Request Forgery

Executing requests on one website from another one while the user is authenticated.

Same-origin policy

Prevents scripts from one origin from accessing private data on another origin.

MITM

Packet snooping.

SQL Injection

SQL injection.

Good Practices

SSL

Let's Encrypt.

Encryption

Password hashing.

JWT

Tokens vs cookies.

Reverse-proxy

Localhost vs direct.

User groups

Linux permissions.