Security module overview

Security is not a feature: you can’t "add security" to the application. Security is something that we should always care about, like code quality, performance, etc.

To ensure we are as secure as possible, we should know about possible security problems on all app levels:

• server level (ssh, ports, etc)
• network (SSL, etc)
• back end
• database
• front end
• domain logic level

Here you will find the links to the documentation related to the security.

Tools for testing certain aspects of our server security

• Mozilla observatory report
• Generate safe SSL configuration
• SSL test