Scaling securely at the frontend


Eliminate the middleware tier and directly communicate with back-end APIs for better security, lower cost, and greater speed.

High-volume websites that offload scale to the frontend, using techniques like edge caching with a partner content delivery network (CDN), see many benefits, including better performance and a much simpler, more resilient, and potentially cheaper infrastructure to maintain. But one of the main questions I get when talking about this philosophy with folks is: What about security? How do you securely handle things like authorization to APIs, or prevent eavesdropping on and alteration of data in transit, when your application mainly lives on the client side?

It’s easy to think that a mostly client-side site can’t be secure. You may feel compelled to maintain a user session server-side, or think you need a middleware tier to host your secret tokens. My own portfolio is full of sites that have a middleware layer for just this reason. But the truth is that you don’t have to sacrifice security for performance.
