Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

blog: GraphQL Protect #1519

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
78 changes: 78 additions & 0 deletions website/pages/blog/announcing-graphql-protect.mdx
Original file line number Diff line number Diff line change
@@ -0,0 +1,78 @@
---
title: Announcing GraphQL Protect - Secure any GraphQL API with ease
authors: [ldebruijn]

Check failure on line 3 in website/pages/blog/announcing-graphql-protect.mdx

View workflow job for this annotation

GitHub Actions / runner / vale

[vale] reported by reviewdog 🐶 [Vale.Spelling] Did you really mean 'ldebruijn'? Raw Output: {"message": "[Vale.Spelling] Did you really mean 'ldebruijn'?", "location": {"path": "website/pages/blog/announcing-graphql-protect.mdx", "range": {"start": {"line": 3, "column": 11}}}, "severity": "ERROR"}
tags: [graphql, server, security, graphql-protect]

Check failure on line 4 in website/pages/blog/announcing-graphql-protect.mdx

View workflow job for this annotation

GitHub Actions / runner / vale

[vale] reported by reviewdog 🐶 [Vale.Spelling] Did you really mean 'graphql'? Raw Output: {"message": "[Vale.Spelling] Did you really mean 'graphql'?", "location": {"path": "website/pages/blog/announcing-graphql-protect.mdx", "range": {"start": {"line": 4, "column": 8}}}, "severity": "ERROR"}
date: 2024-01-30
description:
GraphQL Protect helps you maintain a secure, reliable and trustworthy API without needing to worry
about the details
image: /blog-assets/announcing-graphql-protect/cover.jpeg
thumbnail: /blog-assets/announcing-graphql-protect/cover.jpeg
---

In the dynamic landscape of customer facing development, GraphQL has proven its place as a powerful
query language for APIs, providing developers with flexibility and efficiency. However, as the

Check failure on line 14 in website/pages/blog/announcing-graphql-protect.mdx

View workflow job for this annotation

GitHub Actions / runner / vale

[vale] reported by reviewdog 🐶 [Vale.Spelling] Did you really mean 'APIs'? Raw Output: {"message": "[Vale.Spelling] Did you really mean 'APIs'?", "location": {"path": "website/pages/blog/announcing-graphql-protect.mdx", "range": {"start": {"line": 14, "column": 20}}}, "severity": "ERROR"}

Check warning on line 14 in website/pages/blog/announcing-graphql-protect.mdx

View workflow job for this annotation

GitHub Actions / runner / vale

[vale] reported by reviewdog 🐶 [write-good.TooWordy] 'However' is too wordy. Raw Output: {"message": "[write-good.TooWordy] 'However' is too wordy.", "location": {"path": "website/pages/blog/announcing-graphql-protect.mdx", "range": {"start": {"line": 14, "column": 80}}}, "severity": "WARNING"}
popularity of GraphQL continues to rise, so does the importance of securing your APIs against

Check failure on line 15 in website/pages/blog/announcing-graphql-protect.mdx

View workflow job for this annotation

GitHub Actions / runner / vale

[vale] reported by reviewdog 🐶 [Vale.Spelling] Did you really mean 'APIs'? Raw Output: {"message": "[Vale.Spelling] Did you really mean 'APIs'?", "location": {"path": "website/pages/blog/announcing-graphql-protect.mdx", "range": {"start": {"line": 15, "column": 82}}}, "severity": "ERROR"}
potential threats.

Enter [GraphQL Protect](https://github.com/ldebruijn/graphql-protect), a robust security sidecar
designed to fortify your GraphQL APIs and ensure airtight protection against common vulnerabilities.

Check failure on line 19 in website/pages/blog/announcing-graphql-protect.mdx

View workflow job for this annotation

GitHub Actions / runner / vale

[vale] reported by reviewdog 🐶 [Vale.Spelling] Did you really mean 'APIs'? Raw Output: {"message": "[Vale.Spelling] Did you really mean 'APIs'?", "location": {"path": "website/pages/blog/announcing-graphql-protect.mdx", "range": {"start": {"line": 19, "column": 34}}}, "severity": "ERROR"}

## 🚀 Why GraphQL Protect?

GraphQL is an amazingly powerful technology. Sadly, potential abusers think so too. There are a

Check warning on line 23 in website/pages/blog/announcing-graphql-protect.mdx

View workflow job for this annotation

GitHub Actions / runner / vale

[vale] reported by reviewdog 🐶 [write-good.Weasel] 'Sadly' is a weasel word! Raw Output: {"message": "[write-good.Weasel] 'Sadly' is a weasel word!", "location": {"path": "website/pages/blog/announcing-graphql-protect.mdx", "range": {"start": {"line": 23, "column": 46}}}, "severity": "WARNING"}

Check failure on line 23 in website/pages/blog/announcing-graphql-protect.mdx

View workflow job for this annotation

GitHub Actions / runner / vale

[vale] reported by reviewdog 🐶 [write-good.ThereIs] Don't start a sentence with 'There are'. Raw Output: {"message": "[write-good.ThereIs] Don't start a sentence with 'There are'.", "location": {"path": "website/pages/blog/announcing-graphql-protect.mdx", "range": {"start": {"line": 23, "column": 85}}}, "severity": "ERROR"}
variety of ways your GraphQL API is vulnerable to abuse, including Denial of Service Attacks, Server

Check warning on line 24 in website/pages/blog/announcing-graphql-protect.mdx

View workflow job for this annotation

GitHub Actions / runner / vale

[vale] reported by reviewdog 🐶 [alex.ProfanityMaybe] Reconsider using 'abuse', it may be profane. Raw Output: {"message": "[alex.ProfanityMaybe] Reconsider using 'abuse', it may be profane.", "location": {"path": "website/pages/blog/announcing-graphql-protect.mdx", "range": {"start": {"line": 24, "column": 51}}}, "severity": "WARNING"}
Overloading, Brute Force attacks, Heap Overflows and more.

[GraphQL Protect](https://github.com/ldebruijn/graphql-protect) helps you maintain a secure,
reliable and trustworthy API without needing to worry about the details. Simply run it in front of

Check failure on line 28 in website/pages/blog/announcing-graphql-protect.mdx

View workflow job for this annotation

GitHub Actions / runner / vale

[vale] reported by reviewdog 🐶 [alex.Condescending] Using 'Simply' may come across as condescending. Raw Output: {"message": "[alex.Condescending] Using 'Simply' may come across as condescending.", "location": {"path": "website/pages/blog/announcing-graphql-protect.mdx", "range": {"start": {"line": 28, "column": 74}}}, "severity": "ERROR"}

Check warning on line 28 in website/pages/blog/announcing-graphql-protect.mdx

View workflow job for this annotation

GitHub Actions / runner / vale

[vale] reported by reviewdog 🐶 [write-good.Weasel] 'Simply' is a weasel word! Raw Output: {"message": "[write-good.Weasel] 'Simply' is a weasel word!", "location": {"path": "website/pages/blog/announcing-graphql-protect.mdx", "range": {"start": {"line": 28, "column": 74}}}, "severity": "WARNING"}
your existing GraphQL API and thanks to well-defined defaults, you can be protected in a matter of

Check warning on line 29 in website/pages/blog/announcing-graphql-protect.mdx

View workflow job for this annotation

GitHub Actions / runner / vale

[vale] reported by reviewdog 🐶 [write-good.Passive] 'be protected' may be passive voice. Use active voice if you can. Raw Output: {"message": "[write-good.Passive] 'be protected' may be passive voice. Use active voice if you can.", "location": {"path": "website/pages/blog/announcing-graphql-protect.mdx", "range": {"start": {"line": 29, "column": 72}}}, "severity": "WARNING"}
minutes.

## 🛡️ Security for everyone!

GraphQL Protect is designed with a straightforward goal in mind: Making GraphQL server security dead

Check warning on line 34 in website/pages/blog/announcing-graphql-protect.mdx

View workflow job for this annotation

GitHub Actions / runner / vale

[vale] reported by reviewdog 🐶 [write-good.Passive] 'is designed' may be passive voice. Use active voice if you can. Raw Output: {"message": "[write-good.Passive] 'is designed' may be passive voice. Use active voice if you can.", "location": {"path": "website/pages/blog/announcing-graphql-protect.mdx", "range": {"start": {"line": 34, "column": 17}}}, "severity": "WARNING"}

Check warning on line 34 in website/pages/blog/announcing-graphql-protect.mdx

View workflow job for this annotation

GitHub Actions / runner / vale

[vale] reported by reviewdog 🐶 [alex.ProfanityUnlikely] Be careful with 'dead', it’s profane in some cases. Raw Output: {"message": "[alex.ProfanityUnlikely] Be careful with 'dead', it’s profane in some cases.", "location": {"path": "website/pages/blog/announcing-graphql-protect.mdx", "range": {"start": {"line": 34, "column": 97}}}, "severity": "WARNING"}
simple. Acting as a sidecar to your GraphQL API,

Check failure on line 35 in website/pages/blog/announcing-graphql-protect.mdx

View workflow job for this annotation

GitHub Actions / runner / vale

[vale] reported by reviewdog 🐶 [alex.Condescending] Using 'simple' may come across as condescending. Raw Output: {"message": "[alex.Condescending] Using 'simple' may come across as condescending.", "location": {"path": "website/pages/blog/announcing-graphql-protect.mdx", "range": {"start": {"line": 35, "column": 1}}}, "severity": "ERROR"}
[GraphQL Protect](https://github.com/ldebruijn/graphql-protect) seamlessly integrates with any
GraphQL implementation, no matter your tech stack.

Additionally, dive into detailed configuration options for full control over your security measures.

Check warning on line 39 in website/pages/blog/announcing-graphql-protect.mdx

View workflow job for this annotation

GitHub Actions / runner / vale

[vale] reported by reviewdog 🐶 [write-good.Weasel] 'Additionally' is a weasel word! Raw Output: {"message": "[write-good.Weasel] 'Additionally' is a weasel word!", "location": {"path": "website/pages/blog/announcing-graphql-protect.mdx", "range": {"start": {"line": 39, "column": 1}}}, "severity": "WARNING"}

Check warning on line 39 in website/pages/blog/announcing-graphql-protect.mdx

View workflow job for this annotation

GitHub Actions / runner / vale

[vale] reported by reviewdog 🐶 [alex.ProfanityUnlikely] Be careful with 'dive', it’s profane in some cases. Raw Output: {"message": "[alex.ProfanityUnlikely] Be careful with 'dive', it’s profane in some cases.", "location": {"path": "website/pages/blog/announcing-graphql-protect.mdx", "range": {"start": {"line": 39, "column": 15}}}, "severity": "WARNING"}
No frills, just solid protection.

## 🖥️ Getting Started:

[Getting started](https://github.com/ldebruijn/graphql-protect?tab=readme-ov-file#installation) with
GraphQL Protect is a breeze. Just fire up the container, direct it to your existing GraphQL API, and

Check warning on line 45 in website/pages/blog/announcing-graphql-protect.mdx

View workflow job for this annotation

GitHub Actions / runner / vale

[vale] reported by reviewdog 🐶 [alex.ProfanityUnlikely] Be careful with 'fire', it’s profane in some cases. Raw Output: {"message": "[alex.ProfanityUnlikely] Be careful with 'fire', it’s profane in some cases.", "location": {"path": "website/pages/blog/announcing-graphql-protect.mdx", "range": {"start": {"line": 45, "column": 35}}}, "severity": "WARNING"}
ensure that all your traffic flows through
[GraphQL Protect](https://github.com/ldebruijn/graphql-protect) before reaching your API. It's that
straightforward.

```shell
docker pull ghcr.io/ldebruijn/graphql-protect:latest
docker run -p 8080:8080 -v $(pwd)/protect.yml:/app/protect.yml -v $(pwd)/schema.graphql:/app/schema.graphql ghcr.io/ldebruijn/graphql-protect:latest
```

Or check out the
[run documentation](https://github.com/ldebruijn/graphql-protect/blob/main/docs/README.md#run) for
more information.

## 📖 Intuitive Configuration

Configuring security measures should be straightforward. GraphQL Protect offers
[simple and intuitive configuration](https://github.com/ldebruijn/graphql-protect/blob/main/docs/configuration.md)

Check failure on line 62 in website/pages/blog/announcing-graphql-protect.mdx

View workflow job for this annotation

GitHub Actions / runner / vale

[vale] reported by reviewdog 🐶 [alex.Condescending] Using 'simple' may come across as condescending. Raw Output: {"message": "[alex.Condescending] Using 'simple' may come across as condescending.", "location": {"path": "website/pages/blog/announcing-graphql-protect.mdx", "range": {"start": {"line": 62, "column": 2}}}, "severity": "ERROR"}
for each protection, allowing you to tailor security settings to the specific needs of your GraphQL
API. With a few lines of code, you can enhance your API's defenses without unnecessary complexity.

## ✅ Conclusion

As the need for robust security measures in GraphQL APIs becomes increasingly crucial,
[GraphQL Protect](https://github.com/ldebruijn/graphql-protect) stands out as a reliable and
effective solution. By seamlessly running this solution in front of your GraphQL server, you can
safeguard your application against a variety of potential threats, ensuring a secure and trustworthy
API for your users.

Don't compromise on security – fortify your GraphQL APIs with
[GraphQL Protect](https://github.com/ldebruijn/graphql-protect) today. Visit the
[GitHub repository](https://github.com/ldebruijn/graphql-protect) to explore the features,
documentation, and community support that make this solution an indispensable tool in your security
toolkit.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
5 changes: 5 additions & 0 deletions website/ui/authors.ts
Original file line number Diff line number Diff line change
Expand Up @@ -196,4 +196,9 @@ export const AUTHORS: Record<string, Author> = {
link: 'https://twitter.com/NoheHf',
github: 'nohehf',
},
ldebruijn: {
name: 'Lars de Bruijn',
link: 'https://github.com/ldebruijn',
github: 'ldebruijn',
},
};
Loading