NodeJS Security Best Practices

This page summarizes the projects mentioned and recommended in the original post on dev.to.

  • body-parser

    Node.js body parsing middleware

  • Using body-parser, you can set the limit on the size of the payload.

  • nodejs-logging-for-production

    How to set up Logging for Production Grade NodeJS application

  • nodejs-environment-handling

    Handle Multiple Environments in NodeJS

  • understanding-csrf

    What are CSRF tokens and how do they work?

  • To learn more about CSRF, go here. Consider using csurf.

  • nodejs-expressjs-error-handling

    NodeJS error handling demo

  • csurf

    Discontinued CSRF token middleware

  • To learn more about CSRF, go here. Consider using csurf.

  • nodejs-security-best-practices

    How to create a secured NodeJS application

  • TypeORM

    ORM for TypeScript and JavaScript. Supports MySQL, PostgreSQL, MariaDB, SQLite, MS SQL Server, Oracle, SAP Hana, WebSQL databases. Works in NodeJS, Browser, Ionic, Cordova and Electron platforms.

  • If you use ORM tools such as Sequelize, TypeORM or, for MongoDB, Mongoose, then you are safe by default because these help us against SQL query injection attacks by default.

  • Sequelize

    Feature-rich ORM for modern Node.js and TypeScript, it supports PostgreSQL (with JSON and JSONB support), MySQL, MariaDB, SQLite, MS SQL Server, Snowflake, Oracle DB (v6), DB2 and DB2 for IBM i.

  • If you use ORM tools such as Sequelize, TypeORM or, for MongoDB, Mongoose, then you are safe by default because these help us against SQL query injection attacks by default.

  • PostgreSQL

    PostgreSQL client for node.js.

  • If you don't want to use an ORM, then there are some other packages as well! For PostgreSQL we have node-postgres.

  • Mongoose

    MongoDB object modeling designed to work in an asynchronous environment.

  • If you use ORM tools such as Sequelize, TypeORM or, for MongoDB, Mongoose, then you are safe by default because these help us against SQL query injection attacks by default.

NOTE: The number of mentions on this list indicates mentions on common posts plus user-suggested alternatives. Hence, a higher number means a more popular project.
