[erlang-questions] Erlang web applications + security
Mon Oct 9 18:30:09 CEST 2017
From the OWASP list, some of the high-level tasks you will need to do:
- setting proper response headers (cross-origin, strict HTTPS, etc.)
- input validation (for cross-site scripting)
- file upload scanning for viruses, etc.
- securing authentication (appropriate token policies, account lock against brute force attacks)
- update configs to remove server details from being exposed via headers ( e.g.
You can run a vulnerability scan using tools like Burp or ZAP to scan for
holes in your web app.
On Sat, Oct 7, 2017 at 1:27 PM, Leandro David Cacciagioni <
> Hi Lloyd,
> I would say that for any web app (not only in Erlang) you must start at
> least by securing the issues named in the OWASP 10 (
> https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project), which is
> going to give you good coverage of the most basic and common sec issues on
> the World Wide Web of today.
> On Oct 7, 2017 09:02, "Lloyd R. Prentice" <> wrote:
>> When I put an Erlang web application on line, what security issues do I
>> need to address and what are recommended best practices to address them?
>> Sent from my iPad
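The "account lock against brute force attacks" item from the reply's list, sketched in plain Erlang as an added example that is not code from the thread or from any framework. The module name `login_guard`, the thresholds and the map-based state are assumptions chosen for illustration.

```erlang
%% Added example: sliding-window account lockout. All names and limits
%% here are hypothetical, not taken from the thread.
-module(login_guard).
-export([new/0, check/3, record_failure/3, record_success/2]).

-define(MAX_FAILURES, 5).   %% failures tolerated inside the window
-define(WINDOW_SECS, 300).  %% how far back failures are counted
-define(LOCK_SECS, 900).    %% lock duration once the limit is reached

%% State is a map: Account => {FailureTimestamps, LockedUntil | none}.
new() -> #{}.

%% Call before verifying the password. Now is in seconds and must always
%% come from the same clock, e.g. erlang:monotonic_time(second).
check(Account, Now, State) ->
    case maps:get(Account, State, {[], none}) of
        {_, LockedUntil} when is_integer(LockedUntil), Now < LockedUntil ->
            {locked, LockedUntil - Now};
        _ ->
            ok
    end.

%% Call after a failed password check. Failures older than the window
%% are dropped, so slow, occasional typos never add up to a lock.
record_failure(Account, Now, State) ->
    {Fails0, LockedUntil} = maps:get(Account, State, {[], none}),
    Recent = [T || T <- [Now | Fails0], Now - T < ?WINDOW_SECS],
    case length(Recent) >= ?MAX_FAILURES of
        true  -> State#{Account => {[], Now + ?LOCK_SECS}};
        false -> State#{Account => {Recent, LockedUntil}}
    end.

%% Call after a successful login: forget the account's failure history.
record_success(Account, State) ->
    maps:remove(Account, State).
```

In a running application this state would live in a single process or an ETS table. Keying on the account alone lets anyone who knows a username lock that user out, so the lock is usually paired with a per-source-address rate limit.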