

Ask HN: what are your ideas for a secure website? - hoodoof

Does anyone have any new ideas for how to make a secure website?<p>My idea is for a &quot;compiled webserver&quot; which has nothing but the OS kernel, TCP&#x2F;IP stack and a compiled web application, all compiled into a single executable.  The (optional) file system is read only.  So there&#x27;s nothing even to log in to.<p>Does anyone else have ideas for how to make a website super secure?
======
mooism2
What do you mean by "secure"? What's your threat model?

e.g. I don't see how your idea would protect against XSS, or against a
heartbleed type bug. What are you trying to protect against?

