Secure your application

In this guide we will see how you can secure your Strapi application by using a third party provider.

TIP

In this example we will use SqreenSecure your application - 图1 (opens new window).

Their onboardingSecure your application - 图2 (opens new window) is really easy to follow and understand.

Install Sqreen

Sqreen is an Application Security Management tool that enables protection tailored to your stack, allowing unprecedented visibility into your security and ability to scale it in production.

You will have to install Sqreen node_module in your application.

yarn add sqreen

npm install sqreen

Start your application programmaticaly

We will have to require the Sqreen node_module in the file we use to start Strapi.

To do so you will have to create a server.js file to be able to start our application by running node server.js.

Path — ./server.js

  1. const strapi = require('strapi');
  2. strapi().start();

Now you can run node server.js and it will start your application.

Inject and configure Sqreen agent

By following their Node.js onboarding, we need to require the Sqreen node_module where the server is started. Also, Sqreen has to be required just before Strapi to work!

This is the reason why we have created a server.js file.

To do so, you will have to update this file.

Path — ./server.js

  1. require('sqreen');
  2. const strapi = require('strapi');
  3. strapi().start();

To let Strapi and Sqreen sync, you will have to create a ./sqreen.json file with your credentials.

Then start your server with node server.js and we are done.