CodePen Radio

#304: Security at CodePen

Feb 24 '21

As Alex puts it, and as evidenced by the Falkor header on our Notion planning board, security at CodePen is a NeverEnding Story. Not in an ugkadh this project will never end sense, but in that there is always some patch to stay on top of, some newly-evolving best practice to follow, or some new exploit in the wild to read about and make sure we’ve covered whatever scenario happened to them. We just so happened to get through a bunch of security upgrades at CodePen recently so hopped on this podcast to chat about them. CSP! HSTS! Zero trust networks!

Time Jumps

00:49 Security at CodePen
03:36 Security back in the day
06:08 XSS security issues
17:27 Sponsor: Jetpack
19:34 HTTPS redirects
35:22 Security is a never ending story

This is a perfect sponsor this week, as Jetpack has lots of powerful security features. For example, Jetpack can help automatically keep your plugins updated. A big part of security is keeping all your code up-to-date. Jetpack can also monitor your site’s uptime, meaning that if you go down you’ll be alerted and can get on top of it. It will also help against brute force login attacks. Just that stuff is amazing, but Jetpack also does backups and can scan your backups for security problems in the code itself. That’s a fantastic security package, all together.

Episode source

CodePen Radio Follow

#304: Security at CodePen

Time Jumps

Sponsor: Jetpack

CodePen Radio