Website security
Answered
Nebelung posted this in #help-forum
NebelungOP
is there some like security check list i can find online or something i am quite skeptical that what i have is very secure. I am using next js and next js auth, i have csrf protection, rate limiting, zod validation i have setup 2fa security logging using 12 step bycrpt for password. all tokens are hashed with crypto, and when i go to production i am also planning to add cloudflare on top also i am using prisma for sql injections. Am i missing anything. If anyone good direct me to some resource that would be awesome or personally answer my question. Thank you again
Answered by B33fb0n3
check this list for most common security issues: https://owasp.org/Top10/2025/
Go through the specific topics and check your app like that
Go through the specific topics and check your app like that
5 Replies
@Nebelung is there some like security check list i can find online or something i am quite skeptical that what i have is very secure. I am using next js and next js auth, i have csrf protection, rate limiting, zod validation i have setup 2fa security logging using 12 step bycrpt for password. all tokens are hashed with crypto, and when i go to production i am also planning to add cloudflare on top also i am using prisma for sql injections. Am i missing anything. If anyone good direct me to some resource that would be awesome or personally answer my question. Thank you again
check this list for most common security issues: https://owasp.org/Top10/2025/
Go through the specific topics and check your app like that
Go through the specific topics and check your app like that
Answer
owasp is pretty good at recommending best practices for web security. u should check on that. or the owasp cheatsheet
NebelungOP
Thank you both
Happy to help