How do I secure an Express.js application?

const express = require('express');
        const helmet = require('helmet');
        const rateLimit = require('express-rate-limit');
        const app = express();

        // Use Helmet to set various HTTP headers for security
        app.use(helmet());

        // Rate limiting to prevent brute-force attacks
        const limiter = rateLimit({
            windowMs: 15 * 60 * 1000, // 15 minutes
            max: 100 // limit each IP to 100 requests per windowMs
        });
        app.use(limiter);

        // Example route
        app.get('/', (req, res) => {
            res.send('Hello, secure world!');
        });

        app.listen(3000, () => {
            console.log('Server is running on port 3000');
        });