Directory traversal...path traversal...problem

(nodejs/expressjs) I don’t know when I need to worry about this problem and apply protection to prevent this problem…

  1. Do I always need to watch out for directory traversal/path traversal security problem every time when I am developing back end or only when I am doing some specific things(one example I can think of is using user input data to get a file in my server…)?

  2. In expressjs, “express.static()” prevents directory traversal/path traversal by default, what about if I am creating an API(front end is using reactjs), how do I prevent directory traversal/path traversal for my API routes?

  3. In general, what is the best way to prevent directory traversal/path traversal?