OWASP-Web-Checklist
services
OWASP-Web-Checklist | services | |
---|---|---|
4 | 29 | |
1,478 | 1,236 | |
- | 0.7% | |
10.0 | 5.5 | |
over 1 year ago | 22 days ago | |
Go | ||
- | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
OWASP-Web-Checklist
-
Go Framework: No Framework?
For security/safety sensitive tasks, you should be using checklists e.g. [1] so you don't need to remember. Pilots use pre-takeoff checklists to reduce chances of human error. Likewise, you should not assume the framework will give you proper defaults.
[1] https://github.com/0xRadi/OWASP-Web-Checklist
-
Selfhosting Security for Cloud Providers like Hetzner
I suggest these resources: - Some fundamentals: https://www.cyberciti.biz/tips/linux-security.html - One of the best imho ( exhaustive list ): https://github.com/imthenachoman/How-To-Secure-A-Linux-Server - Ansible playbook to harden security by Jeff Geerling: https://github.com/geerlingguy/ansible-role-security - OAWSP Check list ( targeted for web apps... and honestly a bit overkill ): https://github.com/0xRadi/OWASP-Web-Checklist
- Website security checklist
- Securing my app
services
-
Go Framework: No Framework?
We used Micro to build and offer Micro services on M3O. Every API to you see there is powered by the open source equivalent Micro service here https://github.com/micro/services
-
[API Request] - looking for Whatsapp status tracker API
I will make a note here https://github.com/micro/services/issues/262
-
Real World Micro Services
I shared this post in a few developer communities like Hacker News and it was well received. Over the past few years I've been working on an open source project called Micro, an API first development platform and I'm now sharing Micro Services, a catalog of reusable real world Micro services.
Thanks, that made now more sense. I'd put this condensed together with https://micro.dev/blog/2022/09/27/real-world-micro-services.... more prominently to the readme of https://github.com/micro/services ! Looking at that github alone makes it hard to commect the context.
-
Show HN: M3O – Universal Public API Interface
Thanks for the comments and questions. I'll do my best to answer them.
> Are things hosted on some other cloud provider, if so where? What region?
Our core platform is currently hosted on DigitalOcean in the London region. That will expand to multiple regions and multiple providers over time. We did start that way many years ago but with a small team it's hard to manage.
> What about uptime? If I end up building an application with all of these APIs, I do need a bit more confidence that things will be stable.
We want to be able to provide uptime guarantees in the near future. Right now I'll say based on our experience running it in the past 9-12 months it's feeling like four 9s verging on 5 but I don't want to jinx us. We are dependent on our providers but we're also people who have managed platforms for many years.
> the crypto endpoint looks interesting, but for me, it would be quite crucial to know where the data is from? How often is it updated?
Our crypto APIs are currently powered Finage.co.uk. We do some level of caching on our side but only for 5-10 mins. I'll try add some details around that in the overview. You can see the source at https://github.com/micro/services
- M3O - Serverless API Backend
-
Zapier: The $5B Unbundling Opportunity
We're playing in this space with M3O (https://m3o.com) but focused very much on making APIs programmable as opposed to completely doing away with the code.
- M3O - A serverless API backend
What are some alternatives?
ansible-role-security - Ansible Role - Security
m3o - Serverless Micro Services
dvna - Damn Vulnerable NodeJS Application
next-runtime - The Next.js Runtime allows Next.js to run on Netlify with zero configuration
writeups
micro - A Go service development platform
hypermerge - Build p2p collaborative applications without any server infrastructure in Node.js
next-auth - Authentication for the Web.
qurandatabase - XML formatted Quran Database from QuranDatabase.org
logseq - A local-first, non-linear, outliner notebook for organizing and sharing your personal knowledge base. Use it to organize your todo list, to write your journals, or to record your unique life.
go-micro - A Go microservices framework