One section to add would be guarding against modification of JS files. Some prominent sites have had credit card numbers stolen this way.
Step one is making sure storage is secured properly (e.g. S3 permissions). An advanced move would be to generate checksums when JS files are deployed, then validate those checksums each time they’re used to ensure they haven’t changed.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
One section to add would be guarding against modification of JS files. Some prominent sites have had credit card numbers stolen this way.
Step one is making sure storage is secured properly (e.g. S3 permissions). An advanced move would be to generate checksums when JS files are deployed, then validate those checksums each time they’re used to ensure they haven’t changed.