Security improvements

In this section of the book we’re going to make some improvements to our application so that our data is kept secure during transit and our server is better able to deal with some common types of denial-of-service attacks.

You’ll learn:

• How to quickly and easily create a self-signed TLS certificate, using only Go.
• The fundamentals of setting up your application so that all requests and responses are served securely over HTTPS.
• Some sensible tweaks to the default TLS settings to help keep user information secure and our server performing quickly.
• How to set connection timeouts on our server to mitigate slow-client attacks.