Jump to content
Sign in to follow this  
Vikz

Web Security

Recommended Posts

Anyone have some advice to make my own website more secure from attack like MySQL Injection?

Share this post


Link to post
Share on other sites

I would suggest cloudflare for website protection

Share this post


Link to post
Share on other sites

From what I know IPS or any other CMS have fairly good protection from MySQL Injection, you should probably worry more about some kind of network attack.

Share this post


Link to post
Share on other sites

protecting yourself from things like mysql injection........ thats funky just make sure everything is up 2 date like your mysql or maria db's etc but my 2 cents for web security is

if you do not need ssh access aka remote access 2 the server disable it immediately, this is solid advice i have been brute forced more times than u can imagine simply because i had remote ssh access enabled. 
also if you are going too use ssh remember that Using public key authentication for SSH is far more secure than using usernames and passwords to authenticate.

finally if you do not need remote mysql database access than disable it by setting bind-address=127.0.0.1 in my.cnf configuration file

Edited by Elvag

Share this post


Link to post
Share on other sites

Don't use passwords ever. SSH keys only. 

 

Passwords for things like root accounts to forum softwares/mysql users/ etc, I reccomend going to a password generator and generating a fairly long password for EACH account and keeping them in a neat notepad document or something.

Share this post


Link to post
Share on other sites

SSH key is safest way to connect to ur ftp.

 

Cloudflare is very good at ddosing, but u have to write clean code without sqli etc.

Rest should be just fine.

Share this post


Link to post
Share on other sites

You didn't told us in what your website is built (php, asp.net etc.)

Share this post


Link to post
Share on other sites

I would suggest Cloudflare Protection, but you could just also google about website protection.

Share this post


Link to post
Share on other sites

SSH keys instead of plain passwords, CF as a web proxy, don't ever trust user input if you're coding something on your own - always escape any characters, any suspiciously looking shit.

Share this post


Link to post
Share on other sites

Always use open source software when you can, That way you can fix any holes the original creators might have not found. Also do what Meehoweq said about escaping characters etc...

Share this post


Link to post
Share on other sites

Only use SSH keys.

Share this post


Link to post
Share on other sites

Cloudflare seems like its one of the best right now.

Share this post


Link to post
Share on other sites

Use bitninja.io and kernelkare if you have your own server. bitninja also has WAF to use with webserver for increased security. Maybe also, consider using docker if you use several web apps. Can increase security through containerizing.

Share this post


Link to post
Share on other sites

Cloudflare doesn't do that much with my MySQL Injections, you just have to setup it up properly its like the same thing with php if you can code it really good you won't have any issues

Share this post


Link to post
Share on other sites

Keep yourself patched and always be up to date with any exploitations on the software u are running, and also firewalls can help.

Share this post


Link to post
Share on other sites
What do you think? Remember the human.
Guest
This topic is now closed to further replies.
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...