In a previous blog post I mentioned ways to secure your ExpressJS instance. This included both using third party modules and modifications to the default configuration of Express.
The blog post received great feedback, so we decided to create a skeleton that showed how to handle the security concerns addressed. The skeleton is a great starting point for a secure ExpressJS application and this post will cover the details getting started with it and what it covers for you out of the box.
The source code for the skeleton can be found here dead-simple-express.
Check out the secure branch for all the details.
The following instructions are done with an OSX machine in mind, so modify accordingly.
Make sure to have mongodb installed
brew install mongodb
git clone https://github.com/jeremybuis/dead-simple-express.git && cd dead-simple && rm -rf .git npm install
bower install npm start
Navigate to http://localhost:4000 to view the basic page, keeping in mind its a starting point project, so things are pretty bare.