security

Master UFW (Uncomplicated Firewall) on Ubuntu — from installation and basic rules to advanced configurations and VPS hardening best practices.

Learn how the BFF (Backend for Frontend) pattern eliminates token theft risk by keeping JWT refresh tokens out of the browser entirely — stored in HttpOnly cookies managed by the server, never accessible to JavaScript.

A practical guide to the OWASP Top 10 (2021) for developers. Learn how Injection, XSS, CSRF, SSRF, Broken Access Control, and 5 more critical vulnerabilities work — with real attack scenarios and TypeScript defense code.

Master the foundational security concepts every developer needs. Learn CIA triad, threat modeling with STRIDE, defense in depth, zero trust architecture, and how to apply them in real applications.

Master web security from fundamentals to production hardening. A comprehensive roadmap covering OWASP Top 10, authentication security, XSS, SQL injection, CSRF, API security, and more.

Complete guide to implementing OAuth2 social login with Google and GitHub in Spring Boot. Learn Spring Security OAuth2 Client, user registration flow, linking social accounts, and combining JWT with OAuth2.

Complete guide to securing Spring Boot applications with Spring Security, JWT tokens, and role-based access control. Learn authentication, authorization, password encryption, and best practices for building secure REST APIs.

Master authorization in FastAPI with role-based access control, permission systems, and resource-level security. Learn RBAC, scopes, and policy-based authorization.

Master authentication in FastAPI with JWT tokens, OAuth2 password flow, and best practices. Learn secure password hashing, token refresh, and route protection.