Broken Access Controls

As I have been working on my projects, I have come across the same shared sentiment: security in every step of development. While that may sound like overkill, if you can imagine building a huge wall before you start building the house, there are situations where the wall before the house makes sense.

If your building materials are behind the wall then they are safe, well, safer than not having a wall (these days you could have an electric fence and people would still find a way to get in 😂).

Now this is way worse on a website, because behind that wall you could have a banking system's information, customer records, etc. So what is this?

Broken Access Controls

This is a process whereby a user gets access to a webpage (or the data behind it) that they were not intended to access ~ Source: ME

Let's give an example with a very beautiful website for farming.


I love the colours, wouldn't you agree?
Jokes aside, this would be the homepage for a website, and you'd click "Go to Dashboard" to go to your dashboard. Clicking that link would take you to this page:

Here you'd have to add your details and sign up, then you'd be taken to the dashboard. But what if the person in front of the screen intends to be a bad actor? With some knowledge of URLs he could think to edit the URL:

Just that and he could be here


Yikes? But this is just the tip of the iceberg.
Imagine you are an engineer at Netflix and you make this mistake: free movies for everyone?
Or even worse, let's say the URL was
mybank/id=1234. This could be the URL for my account, but what happens if I change it to 1233? Do I suddenly get access to someone else's account? If the server never checks that the logged-in user actually owns account 1233, the answer is yes. These are the dangers associated with broken access controls.

Now, my lovely website was created using React, and this is a simple way of protecting routes in React. You can check YouTube for tutorials on other frameworks.

Pre Route Protection

After Route Protection



And just like that you can be secure from unauthorized access. Now, for larger projects it becomes more complicated than this, and this is a basic depiction using a website that just renders static pages, but I hope you learnt something!
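The route guard shown in the screenshots only runs in the browser, so the same two checks also have to happen on the server, which is where the mybank/id=1234 example above is actually decided. The following is an added example, not the blog's own React code: a small server-side router in plain Node.js that first asks "is this person logged in?" (the dashboard route guard) and then "does this person own the account they are asking for?" (the account route). The session cookie name, the session store, the users and the two account records are all constructed sample data for the example.

```javascript
// Added example (not the blog's React code): server-side access checks for
// /dashboard and /account/:id. Sessions and accounts below are constructed
// sample data standing in for a real session store and database.
const sessions = new Map([["sess-abc", { userId: "u1" }]]);
const accounts = new Map([
  [1234, { ownerId: "u1", balance: 500 }], // belongs to the logged-in user
  [1233, { ownerId: "u2", balance: 900 }], // belongs to someone else
]);

// Parse a Cookie header ("a=1; b=2") into a plain object.
function parseCookies(header) {
  const out = {};
  for (const part of (header || "").split(";")) {
    const i = part.indexOf("=");
    if (i > 0) out[part.slice(0, i).trim()] = decodeURIComponent(part.slice(i + 1).trim());
  }
  return out;
}

// Authentication: who is making this request? Returns a user id or null.
function currentUser(req) {
  const cookies = parseCookies(req.headers.cookie);
  const session = sessions.get(cookies.session);
  return session ? session.userId : null;
}

// Route guard: the server-side twin of a React "protected route".
// Anyone without a valid session is sent to /login instead of the dashboard.
function guardDashboard(req) {
  const userId = currentUser(req);
  if (!userId) return { status: 302, location: "/login" };
  return { status: 200, body: `dashboard for ${userId}` };
}

// Object-level check: being logged in is not enough, the account must be yours.
// Missing and foreign accounts both get 404 so the response does not reveal
// which ids exist.
function guardAccount(req, id) {
  const userId = currentUser(req);
  if (!userId) return { status: 302, location: "/login" };
  const account = accounts.get(Number(id));
  if (!account || account.ownerId !== userId) return { status: 404, body: "not found" };
  return { status: 200, body: account };
}

// Tiny router: map a request URL to the guards above.
function handle(req) {
  const url = new URL(req.url, "http://localhost");
  if (url.pathname === "/dashboard") return guardDashboard(req);
  const m = url.pathname.match(/^\/account\/(\d+)$/);
  if (m) return guardAccount(req, m[1]);
  return { status: 404, body: "not found" };
}

// Usage: editing the id from 1234 to 1233 while logged in as u1 yields 404.
console.log(handle({ url: "/account/1233", headers: { cookie: "session=sess-abc" } }));
```

The important part is guardAccount: the check in guardDashboard (are you logged in at all?) is what the React code protects, but changing 1234 to 1233 in the URL only fails because the server also compares the account's owner with the session's user. A client-side redirect can be bypassed by anyone who talks to the API directly, so both checks belong on the server regardless of what the React app does.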