Ask HN: Platform/Framework for a small, secure Site?

by ian0 on 4/5/2018, 11:47 AM with 6 comments

Id like to implement a simple checkout, connecting to a payment gateway. The checkout flow is bespoke, perhaps 2 screens where a user selects some variables related to their purchase, during it there will be calls to a backend API. There will be a redirect to an EPG and redirect back post payment. There is no user-authentication (sign-in etc) required as the initial request will be validated as originating from a trusted source.

Does anyone have any recommendations on a language, framework or platform that:

- Has a good degree of out of the box security to ease OWASP compliance

- Requires minimal maintenance from a security standpoint. Eg doesn't use a whole host of third party packages.

- Is able to be deployed on Heroku, or hosted on a third party service with a CDN that covers asia.

- Isnt a single page app or part of a big e-comm framework

Sorry - a pretty niche request - suggestions / pointers are much appreciated :)

  • by jesses on 4/5/2018, 1:17 PM

    I've been using Elixir/Phoenix for a while now and only have good things to say about it. I deploy on gigalixir.com, but Heroku works also. I'm the founder of gigalixir.

  • by bausshf on 4/5/2018, 12:31 PM

    You could take a look at my framework which I initially posted to HN recently here: https://news.ycombinator.com/item?id=16743476

    I'd be more than happy in assisting you how to use it.