Help me secure my REST API against common attacks.
Tech stack: [DESCRIBE]
Auth method: [JWT / SESSION / API KEY / OAUTH]
Data sensitivity: [LOW / MEDIUM / HIGH / FINANCIAL / MEDICAL]
Provide:
1. **Authentication**: Secure token handling, expiry, and refresh
2. **Authorisation**: Role-based and resource-level access control
3. **Input Validation**: Sanitising all input to prevent injection attacks
4. **Rate Limiting**: Protecting against brute force and DDoS
5. **CORS Configuration**: Setting up CORS correctly for my use case
6. **HTTPS Enforcement**: Ensuring all traffic is encrypted
7. **Error Messages**: Secure error handling that doesn't leak information
8. **SQL Injection Prevention**: Parameterised queries and ORM safety
9. **Dependency Security**: Auditing and updating vulnerable packages
10. **Security Headers**: Essential HTTP headers (CSP, HSTS, X-Frame-Options)
How to use this prompt
Copy the prompt above and paste it into ChatGPT, Claude, Gemini, or any AI assistant. Replace the bracketed placeholders with your specific details.