this post was submitted on 15 Dec 2024
36 points (100.0% liked)
Programming
17712 readers
24 users here now
Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!
Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.
Hope you enjoy the instance!
Rules
Rules
- Follow the programming.dev instance rules
- Keep content related to programming in some way
- If you're posting long videos try to add in some form of tldr for those who don't want to watch videos
Wormhole
Follow the wormhole through a path of communities [email protected]
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Misconfigured CORS is no worse than someone using curl, or postman, or any other tool of that kind. What could compromise your server is the backend side of things, the frontend is just a limited HTTP client in the end. The real risk is those making direct requests to your server. CORS is just an ask for browsers specifically to stop cross domain communication, it protects the users not you.
You can help that a lot by using containers like Docker or Podman, but you should also make sure your backend is secure. But the most risk really even then would usually be, break into your database via SQL injection or something like that, still not breaking into the whole instance.
If anything, making sure to use SSH keys, disable root login and general server best practices is way more important than your app. You're more likely that your server itself will be attacked than the backend. Security comes in layers.
But realistically you'll be fine, and if you do end up hacked, it's a learning experience.
A minor point of clarification to this point.
CORS also provides substantial protection to the server admin against innocent users being manipulated into taking malicious actions.
So there is some value to the server admin as well.
Sure, any malicious actor can assault the back end directly, but often they have no ability to attack from a context of authenticated trust.
A CORS misconfiguration makes the system more vulnerable to attacks that manipulate legitimate users into taking malicious actions.
So a CORS misconfiguration can lead to malicious actions coming in through highly trusted contexts, which can sometimes be substantially more harmful that random unauthenticated attack spam.
That’s an interesting perspective. I am pretty paranoid and I run the backend API in docker from a non-root user. I am pretty paranoid but kinda clueless doing all of this myself, I did use an ssh key that requires a yubikey to login to the VPS and I don’t store any secrets on the VPS it‘s all managed via GitLab.
I’m just getting started, so there’s not even a DB currently, not yet needed. I would want to run everything over k8s eventually, and was considering hosting gitlab myself for the experience and because I can’t afford paying for the CI/CD stuff.
Does it make sense to run everything on a separate instance from a security perspective? I’m already having nightmares from thinking about the networking between all of that :D
There's definitely security advantages to running things across multiple instances: if one gets hacked, the others are unaffected.
The networking should be pretty simple for what you're doing. A few things just change to like 127.0.0.1 to something like 172.31.X.X or whatever IPs your VPC ends up using.
It looks like you're doing very well, I've seen big companies with less security than that.