DEV Community πŸ‘©β€πŸ’»πŸ‘¨β€πŸ’»

DEV Community πŸ‘©β€πŸ’»πŸ‘¨β€πŸ’» is a community of 967,611 amazing developers

We're a place where coders share, stay up-to-date and grow their careers.

Create account Log in
Rumesh Madhusanka
Rumesh Madhusanka

Posted on

Where to use encryption πŸ€”

I am developing a nodejs rest API and a react frontend which uses the API. I hope to deploy them on azure. Do I need to enable encryption between the front end and the backend?

OR
Is it enough to enable encryption only on the front end?
(I do not plan to expose the API to third parties)

Top comments (2)

Collapse
 
pjeziorowski profile image
Patryk Jeziorowski • Edited on

Frontend - Backend communication should be encrypted.

Example - you type your credit card details in the UI. Would you like it to be transferred over the internet to the backend in plain text? :)

Collapse
 
lucis profile image
Lucis

What do you understand about "encryption"?

If the API is served over HTTPS your traffic is already much safe. If not, check Let's Encrypt and do it right away. Your API also should have a auth protection if it handles sensitive data, like a JWT approach. Also, check HelmetJS for some security good practices.

Update Your DEV Experience Level:

Settings

Go to your customization settings to nudge your home feed to show content more relevant to your developer experience level. πŸ›