I have a react native app that uses meteor for it’s backend via the In-Progress-team react native package.
Everything works great!
As I am about to put the app into production, I am wondering how to secure the meteor backend?
I want to completely disable web browsing to the meteor endpoint and if someone attempts to pull up the meteor endpoint in a web browser, they should be immediately redirected to another page/url of my choosing.
So in my case, the meteor backend is listening on app.company.com
If someone puts that in a browser they should be directed to company.com
Any other tips to harden/secure the meteor backend would be appreciated. It is currently only used to handle DDP and method requests from the react native mobile app.