
So after hosting my first project and announcing it on devrant, the users pointed out the many security faults and places where the code can be exploited (thank you so much). So I started my research on security (I'm 99% self-taught). The first thing I landed on is the code vulnerabilities, which I can fix, then the vulnerabilities of the language itself, and then binary code to overrun whatever language it is. Well, the topic gets broader and broader. If I click on a link named xxx vulnerabilities, oh god, that is a whole new collection of hundreds of wiki-like pages. I feel like I'm lost, and here I need some real help.

Comments
  • 5
    Well, if you go with "secure" foundations like well-tested libraries and languages, those very low-level things are done for you. But there is still so much to cover:

    1. You need to secure your server. Like not running your app as root, and many other things that depend on the platform and framework, but there are good resources for the general things to do.

    2. Use SSL and read up on how to configure it properly; get your certificate from letsencrypt.

    3. Sanitize user input.

    4. Write tests that prove that your sanitization is correct.

    5. Use things like CSRF tokens etc. to prevent client-side identity theft.

    6. Read up on general security practices for your particular stack. Each database and framework has different things to look out for.

    Don't get lost there. Some things are less important: identity theft on devrant or account theft is less important than someone being able to delete the database. Prioritize from biggest to lowest impact and work on it ;)
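A worked version of steps 3 to 5 above, as an added example that is not code from the rant or from the comment: a query built by string formatting beside its parameterised replacement, output escaping, and a CSRF token check, with a function that runs the tests proving each protection holds. The in-memory `users` table, the `login_vulnerable`/`login_safe` functions and the sample inputs are all constructed for this illustration.

```python
"""Added example (not from the original post): input handling, output
escaping and CSRF tokens, each with a check that proves it works.
The users table, function names and inputs are constructed for this example."""
import html
import hmac
import secrets
import sqlite3


def make_db() -> sqlite3.Connection:
    # Constructed sample data: an in-memory users table with one account.
    # Real applications store password hashes, never plaintext.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 'correct horse')")
    conn.commit()
    return conn


def login_vulnerable(conn: sqlite3.Connection, name: str, password: str) -> bool:
    # BAD: user input is pasted into the SQL text, so a quote in the input
    # changes the structure of the query (classic SQL injection).
    sql = f"SELECT 1 FROM users WHERE name = '{name}' AND password = '{password}'"
    return conn.execute(sql).fetchone() is not None


def login_safe(conn: sqlite3.Connection, name: str, password: str) -> bool:
    # GOOD: placeholders hand the input to the driver as data; it can never
    # become part of the SQL grammar, whatever characters it contains.
    sql = "SELECT 1 FROM users WHERE name = ? AND password = ?"
    return conn.execute(sql, (name, password)).fetchone() is not None


def render_comment(text: str) -> str:
    # Escape on output so stored user text cannot inject markup or script.
    return f"<p>{html.escape(text, quote=True)}</p>"


def issue_csrf_token() -> str:
    # One unguessable token per session, kept server-side and echoed in forms.
    return secrets.token_urlsafe(32)


def csrf_token_valid(session_token: str, submitted: str) -> bool:
    # Constant-time comparison so response timing does not leak the token.
    if not session_token or not submitted:
        return False
    return hmac.compare_digest(session_token, submitted)


def run_checks() -> dict:
    """Step 4 of the checklist: tests that prove the protections hold.
    Returns a name -> bool map; every value should be True."""
    conn = make_db()
    bypass = "' OR '1'='1"  # turns the WHERE clause into ... OR '1'='1'
    token = issue_csrf_token()
    return {
        "vulnerable_is_bypassed": login_vulnerable(conn, "alice", bypass),
        "safe_rejects_bypass": not login_safe(conn, "alice", bypass),
        "safe_accepts_real_password": login_safe(conn, "alice", "correct horse"),
        "html_is_escaped": "<script>" not in render_comment("<script>alert(1)</script>"),
        "csrf_rejects_wrong_token": not csrf_token_valid(token, "guess"),
        "csrf_rejects_missing_token": not csrf_token_valid(token, ""),
        "csrf_accepts_right_token": csrf_token_valid(token, token),
    }


if __name__ == "__main__":
    for name, ok in run_checks().items():
        print(f"{'PASS' if ok else 'FAIL'}  {name}")
```

The point of `run_checks` is the comment's step 4: a sanitisation or escaping routine you have not tested against a hostile input is a guess, not a protection. The `login_vulnerable` function is kept only so the test can demonstrate that the bypass really works against it; nothing in a real application should build SQL that way.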
  • 2
    @lulebe Thank you 😊 Here's your +1, and now you can build your Avatar. Welcome to devrant!