How do I do API security?

I have an express API I want to only allow the frontend of my website to access, i’ve tried using ChatGPT only to get easily hackable answers, how can I secure my API?

Maybe generate pages server-side


Yes, as @9pfs said you can generate pages serverside, but you can also use CORS to make sure that other sites can’t use your API on the frontend. They can still access your API on the backend.
Please note that you should make your API secure, there is a way to bypass SSR pages because after all they will have to send a request to the server to perform an action and that can be intercepted using devtools.


This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.