[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"academy-blogs-en-1-1-all-go-websocket-security-all--*":3,"academy-blog-translations-10ms849cg51l4o0":164},{"data":4,"page":152,"perPage":152,"totalItems":152,"totalPages":152},[5],{"alt":6,"collectionId":7,"collectionName":8,"content":9,"cover_image":10,"cover_image_path":11,"created":12,"created_by":13,"expand":14,"id":158,"keywords":159,"locale":134,"published_at":160,"scheduled_at":13,"school_blog":156,"short_description":161,"slug":162,"status":154,"title":6,"updated":163,"updated_by":13,"views":157},"Ep.28 Go and WebSocket Security - Enhancing the Security of Your System!","sclblg987654321","school_blog_translations","\u003Cp class=\"p1\">\u003Cstrong>Go and WebSocket Security - Enhancing the Security of Your System!\u003C\u002Fstrong>\u003C\u002Fp>\u003Cp class=\"p3\">In this episode, we will explore how to increase the security of your WebSocket Cluster by using Encryption and Authorization to prevent attacks and protect the privacy of your data.\u003C\u002Fp>\u003Cp class=\"p4\">&nbsp;\u003C\u002Fp>\u003Cp class=\"p3\">\u003Cstrong>Why Does a WebSocket Cluster Need Security?\u003C\u002Fstrong>\u003C\u002Fp>\u003Cp class=\"p3\">1. Prevent Eavesdropping : Data transmitted through WebSocket must be secure from malicious entities.\u003C\u002Fp>\u003Cp class=\"p3\">2. Access Control : Only authorized users should be able to use the WebSocket.\u003C\u002Fp>\u003Cp class=\"p3\">3. Prevent DDoS Attacks : Reduce the risk of attacks targeting the WebSocket Cluster.\u003C\u002Fp>\u003Cp class=\"p4\">&nbsp;\u003C\u002Fp>\u003Cp class=\"p3\">\u003Cstrong>Enhancing Security for WebSocket Cluster\u003C\u002Fstrong>\u003C\u002Fp>\u003Cp class=\"p3\">1. 
Use WSS (WebSocket Secure)\u003Cbr>WSS is WebSocket operating over TLS (Transport Layer Security), which helps encrypt the data sent over the network.\u003Cbr>Setting up NGINX for WSS :\u003C\u002Fp>\u003Cpre>\u003Ccode class=\"language-plaintext\">server {\n    listen 443 ssl;\n    server_name yourdomain.com;\n\n    ssl_certificate \u002Fpath\u002Fto\u002Fyour\u002Fcertificate.pem;\n    ssl_certificate_key \u002Fpath\u002Fto\u002Fyour\u002Fkey.pem;\n\n    # Matches the \u002Fws path that the Go server registers its handler on\n    location \u002Fws {\n        proxy_pass http:\u002F\u002Flocalhost:8080; # points to the WebSocket server\n        proxy_http_version 1.1;\n        proxy_set_header Upgrade $http_upgrade;\n        proxy_set_header Connection \"upgrade\";\n        proxy_set_header Host $host;\n    }\n}\u003C\u002Fcode>\u003C\u002Fpre>\u003Cp>&nbsp;\u003C\u002Fp>\u003Cp class=\"p3\">2. Add Authentication Token\u003Cbr>Before establishing a WebSocket connection, verify the Token to authenticate the user.\u003Cbr>Example of Token verification in Go:\u003Cbr>In this example, the authMiddleware checks the Token before allowing the connection.\u003C\u002Fp>\u003Cpre>\u003Ccode class=\"language-plaintext\">package main\n\nimport (\n    \"log\"\n    \"net\u002Fhttp\"\n\n    \"github.com\u002Fgorilla\u002Fwebsocket\"\n)\n\n\u002F\u002F upgrader is not defined in this excerpt; gorilla\u002Fwebsocket's Upgrader is assumed.\nvar upgrader = websocket.Upgrader{}\n\nfunc authMiddleware(next http.HandlerFunc) http.HandlerFunc {\n    return func(w http.ResponseWriter, r *http.Request) {\n        token := r.URL.Query().Get(\"token\")\n        if token != \"valid-token\" { \u002F\u002F simple example of a Token check\n            http.Error(w, \"Unauthorized\", http.StatusUnauthorized)\n            return\n        }\n        next(w, r)\n    }\n}\n\nfunc handleConnections(w http.ResponseWriter, r *http.Request) {\n    conn, err := upgrader.Upgrade(w, r, nil)\n    if err != nil {\n        log.Println(\"Error upgrading connection:\", err)\n        return\n    }\n    defer conn.Close()\n\n    log.Println(\"Client connected with valid token\")\n    for {\n        _, msg, err := conn.ReadMessage()\n        if err != nil {\n            log.Println(\"Error reading message:\", err)\n            break\n  
      }\n        log.Printf(\"Received: %s\", msg)\n    }\n}\n\nfunc main() {\n    http.HandleFunc(\"\u002Fws\", authMiddleware(handleConnections))\n    log.Println(\"WebSocket server with token authentication started at :8080\")\n    log.Fatal(http.ListenAndServe(\":8080\", nil))\n}\u003C\u002Fcode>\u003C\u002Fpre>\u003Cp>&nbsp;\u003C\u002Fp>\u003Cp class=\"p3\">3. Use Role-Based Access Control (RBAC)\u003Cbr>Define permissions for each type of user, such as Admin and Member, to limit actions.\u003Cbr>Example of using RBAC:\u003Cbr>In this example, if the user is not an Admin, they will not be able to perform certain actions.\u003C\u002Fp>\u003Cpre>\u003Ccode class=\"language-plaintext\">func handleConnections(w http.ResponseWriter, r *http.Request) {\n    token := r.URL.Query().Get(\"token\")\n    _ = token \u002F\u002F not used further in this excerpt; Go rejects unused variables\n    role := \"member\" \u002F\u002F assume the Role was obtained from the Token\n\n    conn, err := upgrader.Upgrade(w, r, nil)\n    if err != nil {\n        log.Println(\"Error upgrading connection:\", err)\n        return\n    }\n    defer conn.Close()\n\n    for {\n        _, msg, err := conn.ReadMessage()\n        if err != nil {\n            log.Println(\"Error reading message:\", err)\n            break\n        }\n\n        if string(msg) == \"admin-action\" &amp;&amp; role != \"admin\" {\n            conn.WriteMessage(websocket.TextMessage, []byte(\"Unauthorized action\"))\n            continue\n        }\n\n        log.Printf(\"Message from %s: %s\", role, msg)\n    }\n}\u003C\u002Fcode>\u003C\u002Fpre>\u003Cp>&nbsp;\u003C\u002Fp>\u003Cp class=\"p3\">4. 
Prevent DDoS Attacks with Rate Limiting\u003Cbr>Rate Limiting helps restrict the number of requests each user can send within a specified time frame.\u003Cbr>Example of Rate Limiting usage:\u003C\u002Fp>\u003Cpre>\u003Ccode class=\"language-plaintext\">\u002F\u002F Needs imports: net, net\u002Fhttp, sync, time.\nvar (\n    rateMu      sync.Mutex \u002F\u002F handlers run concurrently, so guard the map\n    rateLimiter = make(map[string]int)\n)\n\nfunc init() {\n    go func() { \u002F\u002F reset the counters every minute\n        for range time.Tick(time.Minute) {\n            rateMu.Lock()\n            rateLimiter = make(map[string]int)\n            rateMu.Unlock()\n        }\n    }()\n}\n\nfunc rateLimitMiddleware(next http.HandlerFunc) http.HandlerFunc {\n    return func(w http.ResponseWriter, r *http.Request) {\n        ip, _, _ := net.SplitHostPort(r.RemoteAddr) \u002F\u002F RemoteAddr is \"IP:port\"\n        rateMu.Lock()\n        rateLimiter[ip]++\n        count := rateLimiter[ip]\n        rateMu.Unlock()\n        if count &gt; 10 { \u002F\u002F allow 10 requests per 1 minute\n            http.Error(w, \"Too many requests\", http.StatusTooManyRequests)\n            return\n        }\n        next(w, r)\n    }\n}\u003C\u002Fcode>\u003C\u002Fpre>\u003Cp>&nbsp;\u003C\u002Fp>\u003Cp class=\"p3\">\u003Cstrong>Further Improvements\u003C\u002Fstrong>\u003C\u002Fp>\u003Cul class=\"ul1\">\u003Cli class=\"li3\">Use JWT (JSON Web Token) : For secure authentication.\u003C\u002Fli>\u003Cli class=\"li3\">Encrypt Sensitive Data : Use AES or RSA for data requiring high security.\u003C\u002Fli>\u003Cli class=\"li3\">Monitor Usage : Use Prometheus and Grafana to monitor usage statistics.\u003C\u002Fli>\u003C\u002Ful>\u003Cp class=\"p4\">&nbsp;\u003C\u002Fp>\u003Cp class=\"p3\">\u003Cstrong>Summary\u003C\u002Fstrong>\u003C\u002Fp>\u003Cul class=\"ul1\">\u003Cli class=\"li3\">Use WSS (WebSocket Secure) to encrypt connections.\u003C\u002Fli>\u003Cli class=\"li3\">Authenticate users with Tokens or JWT.\u003C\u002Fli>\u003Cli class=\"li3\">Implement Role-Based Access Control (RBAC) to manage permissions.\u003C\u002Fli>\u003Cli class=\"li3\">Prevent DDoS with Rate Limiting.\u003C\u002Fli>\u003C\u002Ful>","26_11zon_0sq6tmk7hq.webp","https:\u002F\u002Ftwsme-r2.tumwebsme.com\u002Fsclblg987654321\u002Frs8177ldszbvrrk\u002F26_11zon_0sq6tmk7hq.webp","2026-03-04 
08:34:12.717Z","",{"keywords":15,"locale":128,"school_blog":138},[16,23,28,33,38,43,48,53,58,63,68,73,78,83,88,93,98,103,108,113,118,123],{"collectionId":17,"collectionName":18,"created":19,"created_by":13,"id":20,"name":21,"updated":22,"updated_by":13},"sclkey987654321","school_keywords","2026-03-04 08:20:11.547Z","ey3puyme01a9bsw","Go","2026-04-10 16:07:25.893Z",{"collectionId":17,"collectionName":18,"created":24,"created_by":13,"id":25,"name":26,"updated":27,"updated_by":13},"2026-03-04 08:33:59.315Z","btmgtfwmgpke1aa","Go language","2026-04-10 16:08:04.625Z",{"collectionId":17,"collectionName":18,"created":29,"created_by":13,"id":30,"name":31,"updated":32,"updated_by":13},"2026-03-04 08:20:14.253Z","ah6lvy4x8qe08l5","Golang","2026-04-10 16:07:26.172Z",{"collectionId":17,"collectionName":18,"created":34,"created_by":13,"id":35,"name":36,"updated":37,"updated_by":13},"2026-03-04 08:32:51.346Z","tmzmy6jyz1n35rr","Go Programming","2026-04-10 16:08:01.434Z",{"collectionId":17,"collectionName":18,"created":39,"created_by":13,"id":40,"name":41,"updated":42,"updated_by":13},"2026-03-04 08:33:59.808Z","qw7jy92h0uqd9wq","Go coding","2026-04-10 16:08:04.850Z",{"collectionId":17,"collectionName":18,"created":44,"created_by":13,"id":45,"name":46,"updated":47,"updated_by":13},"2026-03-04 08:34:00.920Z","ecac9y661or1xka","WebSocket","2026-04-10 16:08:05.227Z",{"collectionId":17,"collectionName":18,"created":49,"created_by":13,"id":50,"name":51,"updated":52,"updated_by":13},"2026-03-04 08:34:01.321Z","gjlkrd1oymyuvn2","security","2026-04-10 16:08:05.316Z",{"collectionId":17,"collectionName":18,"created":54,"created_by":13,"id":55,"name":56,"updated":57,"updated_by":13},"2026-03-04 08:34:02.324Z","r9akapsc75q5l3w","WSS","2026-04-10 16:08:05.711Z",{"collectionId":17,"collectionName":18,"created":59,"created_by":13,"id":60,"name":61,"updated":62,"updated_by":13},"2026-03-04 08:34:02.606Z","lnj4d8t77h8cko5","encryption","2026-04-10 
16:08:05.842Z",{"collectionId":17,"collectionName":18,"created":64,"created_by":13,"id":65,"name":66,"updated":67,"updated_by":13},"2026-03-04 08:34:04.613Z","4t76pi1df7xiw0i","authorization","2026-04-10 16:08:06.546Z",{"collectionId":17,"collectionName":18,"created":69,"created_by":13,"id":70,"name":71,"updated":72,"updated_by":13},"2026-03-04 08:34:05.981Z","2uacq4bcskvu8dc","DDOS","2026-04-10 16:08:07.122Z",{"collectionId":17,"collectionName":18,"created":74,"created_by":13,"id":75,"name":76,"updated":77,"updated_by":13},"2026-03-04 08:34:07.915Z","921nl48h9in67sw","Rate Limiting","2026-04-10 16:08:07.808Z",{"collectionId":17,"collectionName":18,"created":79,"created_by":13,"id":80,"name":81,"updated":82,"updated_by":13},"2026-03-04 08:34:10.485Z","5v113gy6l7vswbr","RBAC","2026-04-10 16:08:08.785Z",{"collectionId":17,"collectionName":18,"created":84,"created_by":13,"id":85,"name":86,"updated":87,"updated_by":13},"2026-03-04 08:34:11.541Z","67xrlmvqwizocfz","Token","2026-04-10 16:08:09.135Z",{"collectionId":17,"collectionName":18,"created":89,"created_by":13,"id":90,"name":91,"updated":92,"updated_by":13},"2026-03-04 08:32:15.843Z","m0x7wo77i8iycf1","Programming Education","2026-04-10 16:07:51.675Z",{"collectionId":17,"collectionName":18,"created":94,"created_by":13,"id":95,"name":96,"updated":97,"updated_by":13},"2026-03-04 08:31:22.575Z","lfjse4xivbgg5wu","Practice programming","2026-04-10 16:07:39.541Z",{"collectionId":17,"collectionName":18,"created":99,"created_by":13,"id":100,"name":101,"updated":102,"updated_by":13},"2026-03-04 08:20:33.316Z","ln1ntwattzmxo0o","programming","2026-04-10 16:07:27.299Z",{"collectionId":17,"collectionName":18,"created":104,"created_by":13,"id":105,"name":106,"updated":107,"updated_by":13},"2026-03-04 08:32:09.324Z","gon9gv2r39iu34p","programming development","2026-04-10 16:07:50.515Z",{"collectionId":17,"collectionName":18,"created":109,"created_by":13,"id":110,"name":111,"updated":112,"updated_by":13},"2026-03-04 
08:32:26.073Z","vnvj1oaxje9m1q8","programming for beginners","2026-04-10 16:07:54.133Z",{"collectionId":17,"collectionName":18,"created":114,"created_by":13,"id":115,"name":116,"updated":117,"updated_by":13},"2026-03-04 08:31:49.362Z","2m9vv13etpn6zkx","programming language","2026-04-10 16:07:45.606Z",{"collectionId":17,"collectionName":18,"created":119,"created_by":13,"id":120,"name":121,"updated":122,"updated_by":13},"2026-03-04 08:31:54.955Z","264sfjffyhspetq","programmers","2026-04-10 16:07:47.221Z",{"collectionId":17,"collectionName":18,"created":124,"created_by":13,"id":125,"name":126,"updated":127,"updated_by":13},"2026-03-04 08:26:59.195Z","gab60xd583s3qaw","Superdev School","2026-04-10 16:07:37.087Z",{"code":129,"collectionId":130,"collectionName":131,"created":132,"flag":133,"id":134,"is_default":135,"label":136,"updated":137},"en","pbc_1989393366","locales","2026-01-22 11:00:02.726Z","twemoji:flag-united-states","qv9c1llfov2d88z",false,"English","2026-04-10 15:42:46.825Z",{"category":139,"collectionId":140,"collectionName":141,"expand":142,"id":156,"views":157},"wqxt7ag2gn7xcmk","pbc_2105096300","school_blogs",{"category":143},{"blogIds":144,"collectionId":145,"collectionName":146,"created":147,"created_by":13,"id":139,"image":148,"image_alt":13,"image_path":149,"label":150,"name":151,"priority":152,"publish_at":153,"scheduled_at":13,"status":154,"updated":155,"updated_by":13},[],"sclcatblg987654321","school_category_blogs","2026-03-04 08:33:53.210Z","59ty92ns80w_15oc1implw.png","https:\u002F\u002Ftwsme-r2.tumwebsme.com\u002Fsclcatblg987654321\u002Fwqxt7ag2gn7xcmk\u002F59ty92ns80w_15oc1implw.png",{"en":151,"th":151},"Golang The Series",1,"2026-03-16 04:39:38.440Z","published","2026-04-25 02:32:15.470Z","10ms849cg51l4o0",210,"rs8177ldszbvrrk",[20,25,30,35,40,45,50,55,60,65,70,75,80,85,90,95,100,105,110,115,120,125],"2025-01-27 04:42:25.723Z","Discover how to enhance the security of your WebSocket Cluster using WSS, Token verification, RBAC, and Rate 
Limiting to prevent attacks and maintain data privacy.","go-websocket-security","2026-04-25 02:47:29.842Z",{"en":162}]