This project collects simple configurations and middleware that can be added to an Express application to prevent the most common misconfigurations and vulnerabilities:
- Clickjacking
- Cross-site scripting (XSS)
- MIME sniffing
- Untrusted HTML for downloads
- Access via HTTP
- DNS prefetching
- Content Security Policy
- CORS settings
- DoS attacks
- Encryption
- JWT Tokens
- X-Powered-By
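
As an added illustration (not this project's own code), the header-based items in the list above can be expressed as one Express-style middleware plus a small audit helper that reports which protections a response lacks. The header values, the `securityHeaders`, `auditHeaders` and `mockResponse` names, and the mock response are assumptions made for this example; CORS, DoS protection, encryption and JWT handling are not header defaults and are not covered here.

```javascript
// Added example, not the project's code. Header values are assumed defaults.
const PROTECTIONS = {
  'X-Frame-Options': { value: 'DENY', covers: 'Clickjacking' },
  'X-Content-Type-Options': { value: 'nosniff', covers: 'MIME sniffing' },
  'X-Download-Options': { value: 'noopen', covers: 'Untrusted HTML for downloads' },
  'Strict-Transport-Security': { value: 'max-age=15552000; includeSubDomains', covers: 'Access via HTTP' },
  'X-DNS-Prefetch-Control': { value: 'off', covers: 'DNS prefetching' },
  'Content-Security-Policy': { value: "default-src 'self'; object-src 'none'; frame-ancestors 'none'", covers: 'Content Security Policy' },
};

// Express-style middleware: (req, res, next). Pass { 'Header-Name': false } to
// skip a header, or a string to replace its value.
function securityHeaders(overrides = {}) {
  return function (req, res, next) {
    for (const [name, { value }] of Object.entries(PROTECTIONS)) {
      const chosen = name in overrides ? overrides[name] : value;
      if (chosen !== false) res.setHeader(name, chosen);
    }
    res.removeHeader('X-Powered-By'); // do not advertise the framework
    next();
  };
}

// Audit a response's headers (any casing) and list which protections are absent.
function auditHeaders(headers) {
  const seen = {};
  for (const [k, v] of Object.entries(headers)) seen[k.toLowerCase()] = String(v);
  const findings = [];
  for (const [name, { covers }] of Object.entries(PROTECTIONS)) {
    if (!(name.toLowerCase() in seen)) findings.push(`${covers}: missing ${name}`);
  }
  const sniff = seen['x-content-type-options'];
  if (sniff !== undefined && sniff.toLowerCase() !== 'nosniff') {
    findings.push('MIME sniffing: X-Content-Type-Options must be "nosniff"');
  }
  if ('x-powered-by' in seen) findings.push('X-Powered-By: header is still sent');
  return findings;
}

// Constructed stand-in for an Express response, so the example runs offline.
function mockResponse(initial = {}) {
  const headers = { ...initial };
  return {
    headers,
    setHeader(name, value) { headers[name] = value; },
    removeHeader(name) { delete headers[name]; },
  };
}
```

In an Express application the middleware would be mounted with `app.use(securityHeaders())` before the routes, and `auditHeaders` can be run over the headers of a captured response to confirm nothing was dropped.
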
To run this project, first rename the sample.env file in the server directory to .env, then set the following environment variables in your .env file:
- DB_HOST
- DB_USER
- DB_PASSWORD
- DB_NAME
- DB_PORT
You are most welcome to contribute to the repository.