Community-Website
[Backend] Adding various security features
Data sanitization against NoSQL injection and XSS
Rate limiter so the server won't get overloaded
If you find it relevant, please assign me. I am a participant of GSSOC'21 so please add the relevant GSSOC tags too.
Hello there! Welcome to the project!
Thank you and congrats for opening your very first issue in this project. Community-website aims to build a resource sharing platform in order to reduce the knowledge gap. Please adhere to our Code of Conduct. If you have screenshots or a gif to share demonstrating the issue, that's really helpful! Please make sure not to start working on the issue, unless you get assigned to it.
Feel free to join our Slack Community. We have different channels for active discussions. Hope you have a great time there!
Can you please elaborate on it a bit? I don't feel the need for a rate limiter for the project.
XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser-side script, to a different end user. To protect against this, I will be using the xss-clean package.
NoSQL injection vulnerabilities allow attackers to inject code into commands for databases that don't use SQL queries, such as MongoDB. I will be using express-mongo-sanitize to protect against this.
Multiple requests from the same IP may crash the server. You should have it implemented just in case.
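The NoSQL sanitization and per-IP rate limiting described in the comment above, as an added example that is not part of the original thread or the project's code. It is a dependency-free stand-in for the kind of filtering such middleware performs, not the source of express-mongo-sanitize or any rate-limiting package; all function names and the sample request body are hypothetical.

```javascript
// Added illustration: function names and sample data are hypothetical.

// Recursively drop keys that MongoDB could read as operators ("$gt")
// or dotted paths ("profile.role") from untrusted input.
function stripMongoOperators(value) {
  if (Array.isArray(value)) return value.map(stripMongoOperators);
  if (value === null || typeof value !== "object") return value;
  const clean = {};
  for (const [key, inner] of Object.entries(value)) {
    if (key.startsWith("$") || key.includes(".")) continue;
    clean[key] = stripMongoOperators(inner);
  }
  return clean;
}

// Fixed-window limiter: at most `max` requests per `windowMs` per client IP.
function createRateLimiter({ windowMs, max }) {
  const hits = new Map(); // ip -> { count, windowStart }
  return function allow(ip, now = Date.now()) {
    const entry = hits.get(ip);
    if (!entry || now - entry.windowStart >= windowMs) {
      hits.set(ip, { count: 1, windowStart: now });
      return true;
    }
    entry.count += 1;
    return entry.count <= max;
  };
}

// Express-style middleware combining both checks (hypothetical wiring):
// reject over-limit clients with 429, otherwise sanitize the parsed body.
function securityMiddleware(limiter) {
  return (req, res, next) => {
    if (!limiter(req.ip)) return res.status(429).send("Too many requests");
    req.body = stripMongoOperators(req.body);
    next();
  };
}

// Constructed request body: the password field carries an operator object
// instead of a string, and one key uses a dotted path.
const sampleBody = {
  email: "a@example.com",
  password: { $gt: "" },
  "profile.role": "admin",
};
const cleaned = stripMongoOperators(sampleBody);
// cleaned => { email: "a@example.com", password: {} }
```

The `hits` map never evicts old entries, so long-running use needs eviction or a shared store, and `req.ip` only reflects the real client when Express's `trust proxy` setting matches the deployment. A sanitized field such as `password: {}` should still be rejected by type validation before it reaches a query.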
Okay, you can take this just as an additional check, but we don't feel the need for these explicitly at the moment. But yeah, these are somewhat good to have.
@udaymittal7 Please update progress on this
Hi, I am a GSSoC'21 Participant. I would like to work on this issue, please assign it to me.
I am interested to work upon this.
@himanshusanecha Go ahead with this and kindly update here after updating.
Yes, sure, I am starting to work on this issue. Sorry for the delay due to exams @AyushSingh22