by ericgearhart 5152 days ago
As someone who has worked on the "other side of the aisle" (I worked at a healthcare startup as a production support and network engineer), I'd say absolutely, you should try to learn as much as you can about secure coding practices.

Trying to "duct tape" Apache's mod_security in front of an insecure webapp is no picnic... it would've been much cleaner to clean up the code base, but because the code was 10+ years old, the level of risk in changing that much code was deemed too high, and we needed fixes NOW (a customer was scanning us and finding SQL injections), so we ended up standing up mod_security on the DMZ web servers we had.

Please learn secure coding practices! Worst case, it will make you a more valuable dev.