Running into some possible security vulnerabilities and need help wrapping my mind around them


#1

I’m trying to build a simple store application that will accept a users credit card info and also talk to a backend Ember Data Store to update the quantity for an item as well as do some other things like emailing them their receipt and sending their shipping info to another database so we can access it on another url to see new orders that are coming in.

As far as the credit card info I’ve had success in the past using Stripe and it seems pretty secure. I can make an ajax post to a PHP script that has the secret key loaded from a config file so it’s not just laying around.

But when it comes to talking to the backend, here is where I’m getting a little worried about security.

I have been messing with Parse and someone put together a really awesome parse adapter that works out of the box perfectly. I can read and update records and even create and delete them, awesome! However it required that several API keys specific to my app be placed right in the init of the adapter, and that scares me. I don’t want someone to be able to grab those and make their own app and make calls. There are ways on parse’s end to add ACL’s and such but it’s a little harder to authenticate the app without hard coding the password to a user record that has the ACL privileges.

So then I started looking into other backend possibilities and came across an article talking about getting node+express+mongodb set up to serve a REST API that can be used with the Ember-Data REST adapter. Great! But it still seems that anyone digging around a little bit in the front end javascript code could possibly figure out my routes and make changes to my database all day long.

Now none of the end users credit card data would be stored since that’s how Stripe handles it. But they could get into the database and change quantities or update names and descriptions or even remove everything from the database all together if they were able to get in. And not to mention there may be another database on a different server that I post all the shipping info to and that could be a vulnerability as well.

I know nothing of security when it comes to this since I’ve only really been building robust websites and nothing this complex in nature. So I’m a little worried needless to day, and I hope someone can shed some light on what you have done to keep data safe or if you have used a backend stack of some sort that is very security.