Show HN: A Security-First Web Server in C with XSS, SQL Injection Protection

Y	Hacker News new \| ask \| show \| jobs

Show HN: A Security-First Web Server in C with XSS, SQL Injection Protection (github.com)

3 points by pulkas 558 days ago

I built a high-performance web server in C that prioritizes security from the ground up. Key features:

- XSS protection and SQL injection prevention built into the core - Rate limiting with IP tracking and automatic blocking - Comprehensive security headers (CSP, HSTS, CORS) - Multi-threaded architecture with connection pooling - Zero-copy file serving for performance - 100% test coverage with integration tests - Pure C99, no external dependencies beyond POSIX

The goal was to create a web server that's secure by default and easy to audit (under 2000 lines of C). All security features are enabled out of the box with sensible defaults.

GitHub: https://github.com/erson/misewe

I am looking for feedback, especially on the security implementation and test coverage. The code is MIT-licensed.