Helmet is an Express middleware that manages HTTP headers for security. I'm not actually sure if it is needed when using a reverse proxy server. One way to check would be to see if responses have the X-Powered-By header.
Here's the expressjs web page on security best practices.
Helmet is an Express middleware that manages HTTP headers for security. I'm not actually sure if it is needed when using a reverse proxy server. One way to check would be to see if responses have the X-Powered-By header.
Here's the expressjs web page on security best practices.
https://expressjs.com/en/advanced/best-practice-security.html