Secure Your Node.js Web Application; July PragPub

July 08, 2015

On this very day in 1947, reports from Roswell, New Mexico disclosed that a UFO crash landed there. A UFO that apparently looked remarkably like a weather balloon. Which just goes to show how hard security can be when you can't even identify the attacker.

Cybercriminals, of course, are cheerfully anonymous, and will stop at nothing to break into your apps. Are you ready? Come grab a copy of Secure Your Node.js Web Application: Keep Attackers Out and Users Happy, now in beta.

And there's tons of great stuff in this month's PragPub magazine: justifying non-feature coding, more on Swift, mutation testing, teaching kids to program, and the Internet of Things. Read on for details…

Secure Your Node.js Web Application: Keep Attackers Out and Users Happy

Bake security into your code from the start. See how to protect your Node.js applications at every point in the software development life cycle, from setting up the application environment to configuring the database and adding new functionality. You'll follow application security best practices and analyze common coding errors in applications as you work through the real-world scenarios in this book.

Protect your database calls from database injection attacks and learn how to securely handle user authentication within your application. Configure your servers securely and build in proper access controls to protect both the web application and all the users using the service. Defend your application from denial of service attacks. Understand how malicious actors target coding flaws and lapses in programming logic to break into web applications to steal information and disrupt operations. Work through examples illustrating security methods in Node.js. Learn defenses to protect user data flowing in and out of the application.

By the end of the book, you'll understand the world of web application security, how to avoid building web applications that attackers consider an easy target, and how to increase your value as a programmer.

Now available from

July PragPub Magazine

This month in PragPub we have the first installment of a series on teaching kids to code, written by Jim Bonang with an assist from Clarisse Bonang, an actual kid. It’s filled with insight and case-study experience, and if you’ve ever taught or wanted to teach or imagined yourself teaching someone of the kid persuasion how to code, you’ll get a lot out of it.

Jim found himself thrown into an intense teaching situation, and drew inspiration and guidance from a variety of sources, including a special issue of PragPub on teaching kids to code. You can download that special issue for free from

But back to this issue. We have a few more goodies, such as these:

R. Michael Rogers shares his experience in learning about mutation testing, and why he has become an evangelist for this testing tool. If you’ve ever had the feeling that you’re refactoring without a safety net, you need to know about mutation testing.

Rachel Davies shines light on a perennial problem in software development: how do you explain to management the importance of those hours you spend — or need to spend, anyway — in activities that don’t move the needle in any way they can measure? How do you justify taking time away from adding features or upping the count of lines of committed code, to spend it on cleaning up the code you have, tending the garden that is your codebase? Is there an answer? Rachel says yes, but her answer may surprise you.

What else? There’s the next installment in our series designed to help you get a grip on functional programming in Swift. Rothman and Lester have been helping developers with their careers for years, and this month they show you the critical importance of understanding what sets you apart from the crowd. Marcus Blankenship shares the one thing you have to learn when you make the leap from lead programmer to owning your own agency. And John Shade opines on the Internet of Things. And there’s more, including a puzzle and Antonio Cangiano’s list of new tech books. We hope you enjoy the issue!

Now available from

Upcoming Author Appearances

  • 2015-07-09 Chris Adamson, CocoaConf Columbus
  • 2015-07-10 Chris Adamson, CocoaConf Columbus
  • 2015-07-11 Chris Adamson, CocoaConf Columbus
  • 2015-07-20 Rob Miller, Brighton Ruby Conference 2015
  • 2015-07-21 Johanna Rothman, Uberconf, Denver, CO
  • 2015-07-22 Johanna Rothman, Uberconf, Denver, CO
  • 2015-08-01 Mark Sobkowicz, Burlington Ruby Conference, Burlington, VT

Did You Know?

    We publish books across a range of technologies for folks at different levels of abilities, all the way from novice to expert. If you haven't browsed all of our titles recently, come take a look:

    Agile Practices • Android, iPhone, and Mobile Programming • Career Development • Cool Things for Smart People • DIY & Hardware • For Beginners • Gaming • Java and JVM Languages • Mac, iPhone, and iPad Programming • Pragmatic exPress • Ruby and Rails • Testing, Design, and Cloud Computing • Tools, Frameworks, Languages • Web 2.0+

    Come check out all our categories at

    Don't Get Left Out

    Are your friends jealous that you get these spiffy email newsletters and they don't? Clue them in that all they need to do is create an account on (email address and password is all it takes) and select the checkbox to receive newsletters.

    Are you following us on Twitter and/or Facebook? Here's where you can find us and keep up with the latest news and commentary, and occasional discounts:

    Follow us on Twitter: @pragprog, @pragpub, Andy @PragmaticAndy and Dave @pragdave.

    Coming Soon:

    • Web Development Recipes 2nd Edition in print
    • More titles on Rails, Postgres, Bootstrap, and Angular JS…

    Recently Released:

    Thanks for your continued support,

    Andy & Dave
    The Pragmatic Programmers