@omkarkadu/secure-server-kit

A backend security middleware for Express.js applications that applies Content Security Policy (CSP), security headers, rate limiting, and basic VAPT / OWASP hardening with safe defaults.

This package is designed to be:

• Easy to use
• Secure by default
• Configurable when needed

Features

• Secure default Content Security Policy (CSP)
• Common OWASP-recommended security headers
• Removes Express fingerprinting
• Rate limiting enabled by default
• User-based rate limiting support
• Advanced route-specific rate limiting
• Ability to disable rate limiting
• Custom security signature header
• "use strict" across all source files

Installation

npm install @omkarkadu/secure-server-kit

Documentation

👉 Check the Docs.js file included in this package for a complete, fully working example with detailed comments and advanced configuration options.