Infra Hardening
Cloudflare WAF + DDoS
Multi-layer rate limits
Strong input validation (Pydantic, Zod)
Strict CORS
Security headers (CSP, HSTS, X-Frame-Options, etc.)
Encrypted secrets, encrypted DB at rest
Backups and restore drills
Regular dependency scans
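The "Strict CORS" and "Security headers" items above are usually wired up in one place. The following is an added example, not code from the original page: a framework-agnostic ASGI middleware (stdlib only, so it runs without FastAPI installed) that sets the listed headers on every response and applies an exact-match CORS allow-list. `SecurityMiddleware`, `hello_app`, `run_request`, the header values and the `example.com` origins are all assumptions chosen for the example.

```python
# Added example, not code from the original page: a framework-agnostic ASGI middleware
# for the "Strict CORS" and "Security headers" items above. SecurityMiddleware,
# hello_app, run_request and the origin/host values are hypothetical/constructed.
import asyncio

# Exact-match allow-list: no wildcards, no suffix matching, no reflecting the Origin header.
ALLOWED_ORIGINS = frozenset({"https://shop.example.com"})  # constructed

SECURITY_HEADERS = [
    (b"content-security-policy", b"default-src 'self'; frame-ancestors 'none'; object-src 'none'"),
    (b"strict-transport-security", b"max-age=63072000; includeSubDomains"),
    (b"x-frame-options", b"DENY"),
    (b"x-content-type-options", b"nosniff"),
    (b"referrer-policy", b"no-referrer"),
]
_OWNED = {name for name, _ in SECURITY_HEADERS} | {b"access-control-allow-origin"}


def _request_header(scope, name):
    # ASGI header names arrive as lowercase bytes; return the first match or None
    return next((v for k, v in scope.get("headers", []) if k == name), None)


class SecurityMiddleware:
    def __init__(self, app, allowed_origins=ALLOWED_ORIGINS):
        self.app = app
        self.allowed = {o.encode() for o in allowed_origins}

    async def __call__(self, scope, receive, send):
        if scope["type"] != "http":  # lifespan / websocket pass through untouched
            await self.app(scope, receive, send)
            return
        origin = _request_header(scope, b"origin")
        cors_origin = origin if origin in self.allowed else None

        # CORS preflight: only allow-listed origins get a 204 with CORS headers.
        if scope["method"] == "OPTIONS" and origin is not None:
            headers = list(SECURITY_HEADERS)
            if cors_origin:
                headers += [
                    (b"access-control-allow-origin", cors_origin),
                    (b"access-control-allow-methods", b"GET, POST"),
                    (b"access-control-allow-headers", b"authorization, content-type"),
                    (b"access-control-max-age", b"600"),
                    (b"vary", b"Origin"),
                ]
            await send({"type": "http.response.start",
                        "status": 204 if cors_origin else 403, "headers": headers})
            await send({"type": "http.response.body", "body": b""})
            return

        async def send_with_headers(message):
            if message["type"] == "http.response.start":
                # Drop any header we own that the app set, then add the hardened values
                headers = [(k, v) for k, v in message.get("headers", []) if k not in _OWNED]
                headers += SECURITY_HEADERS
                if cors_origin:  # non-allow-listed origins get no ACAO, so browsers block reads
                    headers += [(b"access-control-allow-origin", cors_origin), (b"vary", b"Origin")]
                message = {**message, "headers": headers}
            await send(message)

        await self.app(scope, receive, send_with_headers)


async def hello_app(scope, receive, send):
    """Minimal ASGI app standing in for the real API."""
    await send({"type": "http.response.start", "status": 200,
                "headers": [(b"content-type", b"text/plain")]})
    await send({"type": "http.response.body", "body": b"ok"})


def run_request(app, method="GET", origin=None):
    """Drive `app` with one synthetic request; return (status, {header: value})."""
    headers = [(b"host", b"api.example.com")]  # constructed
    if origin is not None:
        headers.append((b"origin", origin.encode()))
    scope = {"type": "http", "method": method, "path": "/api/pay", "headers": headers}
    sent = []

    async def receive():
        return {"type": "http.request", "body": b"", "more_body": False}

    async def send(message):
        sent.append(message)

    asyncio.run(app(scope, receive, send))
    start = sent[0]
    return start["status"], {k.decode(): v.decode() for k, v in start["headers"]}


if __name__ == "__main__":
    secured = SecurityMiddleware(hello_app)
    print(run_request(secured, "GET", "https://shop.example.com"))  # 200 + ACAO for the shop
    print(run_request(secured, "OPTIONS", "https://evil.example"))  # 403, no CORS headers
```

With FastAPI/Starlette this mounts as `app.add_middleware(SecurityMiddleware, allowed_origins={"https://shop.example.com"})`. Two design points: the allow-list is compared exactly, so `https://shop.example.com.attacker.example` is not matched, and a response to a non-allow-listed origin still gets the security headers but no `Access-Control-Allow-Origin`, which is what makes the browser refuse to expose it to the page.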
Your Application Security:
Rate Limiting:
```python
from fastapi import FastAPI, Request
from slowapi import Limiter, _rate_limit_exceeded_handler
from slowapi.errors import RateLimitExceeded
from slowapi.util import get_remote_address  # key_func: one bucket per client IP

app = FastAPI()
limiter = Limiter(key_func=get_remote_address)
app.state.limiter = limiter  # slowapi looks the limiter up on app.state
app.add_exception_handler(RateLimitExceeded, _rate_limit_exceeded_handler)  # answers HTTP 429

@app.post("/api/protected")
@limiter.limit("10/minute")
async def protected_route(request: Request):  # slowapi requires the Request parameter
    # Your logic
    pass
```

Input Validation:
```python
from pydantic import BaseModel, validator

class PaymentRequest(BaseModel):
    amount: float
    token: str

    @validator('amount')
    def validate_amount(cls, v):
        # Reject non-positive amounts and cap a single request at 1000
        if v <= 0 or v > 1000:
            raise ValueError('Invalid amount')
        return v
```

Environment Variables:
```bash
# Never commit these!
MERCHANT_WALLET=your_wallet_address
JWT_SECRET=random_secret
DATABASE_URL=postgres://...
```

Logging:
```python
import logging
from uuid import uuid4

from fastapi import FastAPI

logger = logging.getLogger(__name__)
app = FastAPI()

@app.post("/api/pay")
async def create_payment(req: PaymentRequest):  # PaymentRequest from Input Validation above
    # Log business fields only; keep secrets and session tokens out of log lines
    logger.info(f"Payment request: {req.amount} {req.token}")
    # Process...
    payment_id = uuid4().hex  # placeholder for the id your payment backend returns
    logger.info(f"Payment created: {payment_id}")
    return {"payment_id": payment_id}
```
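The Infra Hardening list calls for multi-layer rate limits, and the slowapi route above covers only the per-IP layer. The following is an added example, not code from the original page or from slowapi: an in-process sliding-window limiter whose layers (per IP, per account, global) are all checked before any of them is charged. `Layer`, `MultiLayerLimiter`, `ManualClock`, `demo` and the sample limits are hypothetical names and values.

```python
# Added example, not code from the original page: the "multi-layer rate limits" from
# the Infra Hardening list as an in-process sliding-window limiter. slowapi gives the
# per-IP layer; this shows how per-IP, per-account and global layers compose.
# Layer, MultiLayerLimiter, ManualClock and the sample limits are hypothetical.
import time
from collections import deque
from dataclasses import dataclass


@dataclass(frozen=True)
class Layer:
    name: str      # dimension, e.g. "ip", "user", "global"
    limit: int     # max requests ...
    window: float  # ... within this many seconds (sliding window)


class MultiLayerLimiter:
    def __init__(self, layers, clock=time.monotonic):
        self.layers = list(layers)
        self.clock = clock
        self._hits = {}  # (layer name, key) -> deque of request timestamps still in window

    def _bucket(self, layer, keys, now):
        # A layer with no key in `keys` (e.g. "global") uses one shared bucket.
        q = self._hits.setdefault((layer.name, keys.get(layer.name, "*")), deque())
        while q and now - q[0] >= layer.window:  # drop timestamps that left the window
            q.popleft()
        return q

    def check(self, keys):
        """keys maps layer name -> caller value, e.g. {"ip": "203.0.113.7", "user": "u42"}.
        Returns (allowed, name of the first layer that blocked or None)."""
        now = self.clock()
        buckets = [(layer, self._bucket(layer, keys, now)) for layer in self.layers]
        for layer, q in buckets:
            if len(q) >= layer.limit:
                # Blocked requests are not counted, so one noisy client cannot burn the
                # global budget; count them instead if you want a stickier penalty.
                return False, layer.name
        for _, q in buckets:  # every layer passed: record the hit in all of them
            q.append(now)
        return True, None


class ManualClock:
    """Deterministic clock for tests; advance() simulates waiting."""
    def __init__(self):
        self.now = 0.0

    def __call__(self):
        return self.now

    def advance(self, seconds):
        self.now += seconds


def demo():
    """Constructed scenario: a tight per-IP limit under a small global one."""
    clock = ManualClock()
    limiter = MultiLayerLimiter([Layer("ip", 3, 60), Layer("global", 5, 60)], clock)
    results = [limiter.check({"ip": ip})[1] for ip in ["a", "a", "a", "a", "b", "b", "c"]]
    clock.advance(60)  # the window expires
    results.append(limiter.check({"ip": "a"})[1])
    return results  # -> [None, None, None, 'ip', None, None, 'global', None]


if __name__ == "__main__":
    print(demo())
```

In a route this becomes `allowed, layer = limiter.check({"ip": request.client.host, "user": user_id})` followed by an HTTP 429 when `allowed` is false; the returned layer name is worth logging because a burst of `global` blocks looks very different from one IP hitting its own cap. The in-memory dict only works for a single process; with several workers the timestamps belong in a shared store such as Redis, which is also where the Cloudflare layer in front of the app is not a substitute, since it cannot see per-account identity.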