
Webapp pre-launch checklist?

Pacharapol Withayasakpunt (patarapolw) ・1 min read

And what to do if I have launched it? I have users, a bad database structure, and insecure APIs as well.

I don't aim to make a profit, but I don't want to pay for my wrongdoings either.

Discussion


A lot of this depends on your stack.

Example:

  • Are you allowing for UGC via some type of form?
  • Do these forms interact w/a SQL database?
  • If the above are yes, SQL injection is a vulnerability you want to scan for.
 

It's not clear from your post if you've launched it already or not.
You have already recognized a few issues.
If you think the database structure is bad it's probably because you're evaluating it in terms of the way you think your webapp is going to evolve. I wouldn't stress too much about it but rather I would prioritise understanding if your user-base is gaining value from your app as well as validating if your assumptions are correct. Sometimes you find that your users are going to need something different from what you had already imagined and that probably means a database structure you hadn't thought of.
Regarding insecure APIs, I would prioritise the privacy and security of your users. So if you acknowledge that an insecure API might harm your users, I'd definitely prioritise addressing that.

 

I indeed meant both ways -- I have an old one I don't want to maintain anymore, and I want to create a new one.

However, there will be a user system, so privacy and security come first.

 

You've said it yourself, fix your data structures and secure your APIs!