European Experts Exchange (EEE.org) :: Free Experts PHP MySql Oracle Microsoft Web SQL Delphi


Web :: General :: Web Security
By: omuyelijah	Date: 06/09/2008 19:52:48	Points: 20	Status: Answered Quality : Excellent
Hi all, Web applications are now so common and scattered all around. Just want some advise. How do we ensure web application code protection ? Thanks.
By: VGR	Date: 08/09/2008 08:55:47		Type : Answer
as wa always did when writing even the simpliest AppleDOS program : protect the program against user input... -"sanitize" the data coming in. Check method is valid. Check contents are valid.(POST, GET) (against XSS) - avoid Bots by using captchas, sessions, basic HTTP Auth or HTTPS (and the like) (against spam) -protect the DB via addslashes() and non-obvious user, password, table and column names (against SQL injection) -use a normal webserver (eg Apache) (against Remote File Inclusions, ActiveX and OCX vulnerabilities of IIS) -use OpenOffice and PDF to store your data (saves disk space and prevents VBS/WSE/worms attacks of Microsoft Office that can compromise the webserver via the "plugins" mechanism)) -use a backed-up RAID disk array (against data loss, and in case you're penetrated) any common sense idea like those is good for you 8-)

Do register to be able to answer

©2010 These pages are served without commercial sponsorship. (No popup ads, etc...). Bandwidth abuse increases hosting cost forcing sponsorship or shutdown. This server aggressively defends against automated copying for any reason including offline viewing, duplication, etc... Please respect this requirement and DO NOT RIP THIS SITE.
Please DO link to this page! Post to Plurk Post to Yahoo Buzz Post to Delicious Post to Digg Post to MySpace Post to Ping.fm Post to Reddit Post to StumbleUpon

Contact

page generated in 291.234970 milliseconds

Why Google AdSense ads ?

New Improved Search!