Does the service of Weweb (and Xano) by itself have sufficient security hygene?
Or is it recommended to use addditional services, such as Cloudflare’s Pro plan or something else?
What have I tried so far:
make sense of securing my website, but most information I find seems promoting services (and it sounds like I really need all of them).
Welcome to the big bright world of marketing @thijs
All jokes aside, I second what @Micah said – Xano and WeWeb have the features you need to keep things secure – and would also love to know more about what specific concerns you have. Knowing what you’re worried about will help us explain how to address those concerns.
First off all: your responses are what I was hoping for!
Perhaps my question already revealed that I have no IT background at all, so after learning Weweb/Xano for a year I want to make sure that I’m not overseeing something obvious related to security that could be considered as negligence. That’s why I’m happy with your response as it puts things into perspective.
One specific concern that I can think of is lacking responsiveness of the webapp due to inappropriate use/pinging of the webapp (perhaps by anyone else than clients). But I suppose its okay to accept this risk and take action whenever it may occur.
You can also make usage of the xano feature “Middleware” to secure the xano API requests. This will allow you to for example, create roles and validate permissions to the databases before running the actual API request.
