
Ask HN: Platform/Framework for a small, secure Site? - ian0
Id like to implement a simple checkout, connecting to a payment gateway. The checkout flow is bespoke, perhaps 2 screens where a user selects some variables related to their purchase, during it there will be calls to a backend API. There will be a redirect to an EPG and redirect back post payment. There is no user-authentication (sign-in etc) required as the initial request will be validated as originating from a trusted source.<p>Does anyone have any recommendations on a language, framework or platform that:<p>- Has a good degree of out of the box security to ease OWASP compliance<p>- Requires minimal maintenance from a security standpoint. Eg doesn&#x27;t use a whole host of third party packages.<p>- Is able to be deployed on Heroku, or hosted on a third party service with a CDN that covers asia.<p>- Isnt a single page app or part of a big e-comm framework<p>Sorry - a pretty niche request - suggestions &#x2F; pointers are much appreciated :)
======
jesses
I've been using Elixir/Phoenix for a while now and only have good things to
say about it. I deploy on gigalixir.com, but Heroku works also. I'm the
founder of gigalixir.

------
bausshf
You could take a look at my framework which I initially posted to HN recently
here:
[https://news.ycombinator.com/item?id=16743476](https://news.ycombinator.com/item?id=16743476)

I'd be more than happy in assisting you how to use it.

~~~
bausshf
For Heroku deployment you could take a look at this:
[https://tour.dlang.org/tour/en/vibed/deploy-on-
heroku](https://tour.dlang.org/tour/en/vibed/deploy-on-heroku)

I'd have to add Heroku deployment to the actual documentation though.

~~~
bausshf
Heroku deployment has been added now
[http://diamondmvc.org/tutorials/deployment#deploying-with-
he...](http://diamondmvc.org/tutorials/deployment#deploying-with-heroku)

