Preventive Measure and Maintenance - Your Home lab guide (Main Server - Express)

## Welcome to New Lesson for How to protect your system with simple knowledge. ## --- Scopes --- * CORS allow * Headers Protection * API limiters * Passport (JWT, COOKIE) validation * Request (params, query, body) sanitation 'zod' * Hash Password (Auth) + Passport + .env * cofig pools SQL (data and tvp) (MSSQL) * morgan - console logs * (Anti SQL INJECTIONS )ORM - as General Porpose (Prisma) or Stored procedure (RAW SQL) - for dynamic and complex patterns. * Cloudflare - (tunnel) if not use in **Portforward** * serve running node on NGINX + UFW (config inbound + outbound + expose 443 https, 80 reditection to 443) => router PORTFORWARD * Internet => pfSense => Reverse Proxy - Good other use like (DNS, VPN, DHCP) - Geo-blocking (You can block entire country from public if you want too but Cloadflare rule can do that.) - IDS/IPS (Snort or Suricata) #### Note: Majority of this is learned and self leaned by me, tested it in home lab, but this layers still have flaws in security that is why do it at your own risk. #### This Scope will be discuss soon so stay tune for new lesson.