Full Stack for Front-Ends Part 2 Security Overview
This course has been updated! We now recommend you take the Full Stack for Front-End Engineers, v3 course.
Transcript from the "Security Overview" Lesson
>> Jem Young: We are all together, we have the same server running Ubuntu 16.04. We all have node and NPM installed properly. So, now let's get to server security. Two main parts to server security, controlling access and securing your applications. Controlling access means not letting people in. That means strong authentication of login, configuring your firewalls correctly, configuring your permissions correctly.
[00:00:26] Securing applications it's a little bit trickier because you don't know every line of code of every bit of software you're running. So the best you can do is keeping your software up to date and limiting your application use. One of the most common server vulnerabilities is just people running outdated copies of WordPress, or outdated copies of PHP Admin.
[00:00:46] Or just software they don't even know what it's running, because someone saw it at one and is like, here's a cool tool, I'm using it, they don't know what's going on. So one of the easiest thing you can do is just don't install too much software. Unless you explicitly know what you're doing.
[00:01:00] That's a top tip.