Re: curl attack prevention
- From: Willem Bogaerts <w.bogaerts@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 30 Jan 2008 13:12:32 +0100
What things should I apply to make my site safe and be sure that nobody
who uses curl will not hacked my site?
Please answer.
I will be very grateful for help
Safety is not a command-line switch. Safety is looking what needs to be
done and exclude the rest. Like regenerating the session IDs. You should
always do that upon changing the user rights.
Also, take a good look at the file settings and look if sensitive files
are accessible from outside. Look at the possibility of SQL injection if
you use a database, and command-line injection if you call external
programs, e-mail injection if you send mail, etc.
And please don't expect our crystal balls to work if you even don't tell
us what OS you are using.
Safety is details and guarding those details.
Good luck,
--
Willem Bogaerts
Application smith
Kratz B.V.
http://www.kratz.nl/
.
- References:
- curl attack prevention
- From: K.
- Re: curl attack prevention
- From: Erwin Moller
- Re: curl attack prevention
- From: K.
- curl attack prevention
- Prev by Date: Re: curl attack prevention
- Next by Date: Re: [newbie] Keeping it all in one page?
- Previous by thread: Re: curl attack prevention
- Next by thread: Re: curl attack prevention
- Index(es):
