|
|
|
|
|
|
by brobdingnagians
2121 days ago
|
|
|
By default, have your firewall block _all_ outward connections. Only whitelist the ones you know you need. And as narrow as possible (i.e. specific hosts). Minimize the number of dependencies. Systems that make it hard to add dependencies have the virtue of thinking harder about whether you want to add them. Having a few central libraries that do exactly what you need is better than drawing in the kitchen sink. It is often easier to write a specific function that does precisely what you need than people think. That is easier to change, and easier to maintain in the long run, than ingesting a huge library with its dependencies that do things you will probably never need. |
|
|