Show HN: A Security-First Web Server in C with XSS, SQL Injection Protection https://ift.tt/Tvl2Jj6

Show HN: A Security-First Web Server in C with XSS, SQL Injection Protection I built a high-performance web server in C that prioritizes security from the ground up. Key features: - XSS protection and SQL injection prevention built into the core - Rate limiting with IP tracking and automatic blocking - Comprehensive security headers (CSP, HSTS, CORS) - Multi-threaded architecture with connection pooling - Zero-copy file serving for performance - 100% test coverage with integration tests - Pure C99, no external dependencies beyond POSIX The goal was to create a web server that's secure by default and easy to audit (under 2000 lines of C). All security features are enabled out of the box with sensible defaults. GitHub: https://ift.tt/Wj3ID80 I am looking for feedback, especially on the security implementation and test coverage. The code is MIT-licensed. https://ift.tt/Wj3ID80 December 9, 2024 at 04:17AM