Posts

Showing posts with the label security

Implementing Image Transformation Service with NextJS and imgproxy

Introduction: imgproxy is an efficient image processing and optimization service, featuring fast processing speeds, high security and a low memory footprint because it is written in Go. The prominent advantages of imgproxy include the ability to resize, crop, compress and flexibly convert image formats (such as to WebP, AVIF) via URL. Notably, this service supports secure URL signing using HMAC, which prevents DDoS attacks or unauthorized modifications of image size parameters from the client side. Although the NextJS Image component already supports automatic image resizing, it presents several limitations if you choose it for large-scale deployment: resized images stored in the cache of the .next folder only exist within a single NextJS server instance, making it difficult to share the cache when scaling up to multiple instances; after building the project, the cache data is lost, or if you find a way to persist these resized images, a large dataset will still consume too much...

Enhancing Security with Hash ID in NestJS

Introduction: Hashids is a small open-source library that generates short, unique, non-sequential ids from numbers. It helps secure the system by hiding the real database IDs, preventing users from guessing or scraping data via URLs. Advantages. Security: hides real IDs, preventing exposure of data structure and the total number of records. Two-way transformation: allows easy encoding and decoding without requiring storage in the database. High customization: supports minimum length configuration and utilizes a distinct salt value to guarantee the generated strings are unique to your system. No collisions: the exact same ID and salt value will consistently produce the identical unique string. Limitations. Not true cryptography: Hashids does not employ strong encryption algorithms, meaning someone with the salt and the algorithm can still reverse the string. Therefore, do not use it to secure highly sensitive data. Dependency on Salt: if you lose or alter your Salt string, all prev...