ToolypetMCP
advanced · 10 minutes · cross hub

Full-Stack Security Setup

Comprehensive security setup: password hashing, JWT auth, CSP, CORS, security headers, and 2FA.

security, full-stack, auth, csp, cors

When to use this recipe

Complete security foundation for a new web application. Covers authentication, authorization, browser security, and API protection in one workflow.

Steps

1. Password Generator

Create secure initial passwords

Prompt: Generate strong default passwords for admin accounts

2. Hash Calculator

Securely hash passwords

Prompt: Hash passwords with bcrypt for database storage

3. Secret Generator

Create application secrets

Prompt: Generate JWT signing secret, session secret, and API keys

4. JWT Generator

Configure JWT authentication

Prompt: Set up JWT token generation with proper claims and expiration

5. CSP Generator

Lock down content loading

Prompt: Generate strict Content Security Policy

6. CORS Generator

Set up cross-origin access

Prompt: Configure CORS for API and frontend domains
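
Steps 3 and 4 in code, as an added example that is not part of the recipe or any tool's own output: a signing secret drawn from the OS CSPRNG, and HS256 tokens with `iss`, `aud`, `iat` and `exp` claims that are verified with the algorithm pinned. The function names, the 15-minute lifetime and the issuer and audience values are assumptions.

```python
import base64, hashlib, hmac, json, secrets, time

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def new_signing_secret() -> bytes:
    # 32 bytes from the OS CSPRNG, matching the SHA-256 output size used by HS256
    return secrets.token_bytes(32)

def issue_token(secret, sub, iss, aud, ttl=900, now=None):
    # ttl=900 (15 minutes) is an assumed lifetime, not a value from the recipe
    now = int(time.time()) if now is None else now
    parts = ({"alg": "HS256", "typ": "JWT"},
             {"sub": sub, "iss": iss, "aud": aud, "iat": now, "exp": now + ttl})
    signing_input = ".".join(
        b64url(json.dumps(p, separators=(",", ":")).encode()) for p in parts)
    sig = hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()
    return f"{signing_input}.{b64url(sig)}"

def verify_token(secret, token, iss, aud, now=None):
    now = int(time.time()) if now is None else now
    try:
        h64, c64, s64 = token.split(".")
        header, claims = json.loads(b64url_decode(h64)), json.loads(b64url_decode(c64))
        sig = b64url_decode(s64)
        if not (isinstance(header, dict) and isinstance(claims, dict)):
            raise ValueError
    except ValueError:
        raise ValueError("malformed token") from None
    # Pin the algorithm: never let the token's own header choose how it is verified
    if header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected = hmac.new(secret, f"{h64}.{c64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):  # constant-time comparison
        raise ValueError("bad signature")
    if claims.get("iss") != iss or claims.get("aud") != aud:
        raise ValueError("wrong issuer or audience")
    if not isinstance(claims.get("exp"), int) or now >= claims["exp"]:
        raise ValueError("expired")
    return claims

if __name__ == "__main__":
    key = new_signing_secret()
    tok = issue_token(key, "admin", "https://auth.example.test", "api")  # constructed values
    print(verify_token(key, tok, "https://auth.example.test", "api"))
```

Passing `now` explicitly makes the expiry check reproducible in tests; in production leave it unset so the system clock is used.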

FAQ

What security should every web app have at minimum?

HTTPS, secure password hashing (bcrypt/argon2), CSRF protection, CSP headers, rate limiting, and input validation. This recipe covers most of these.

How often should I rotate secrets and keys?

JWT signing keys: every 90 days. API keys: every 180 days or on team changes. Session secrets: on every deployment. Passwords: on suspected breach only (not on a schedule).
