Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
G
G
Grigory Khrimyan2017-12-26 09:34:47
Burglary protection
Grigory Khrimyan, 2017-12-26 09:34:47

How to secure your backend from developers?

Hello!
There is a project. There are programmers. We are working.
For example, in the future, something was not shared / quarreled, anything can happen.
And then the backender says that I can break your site if you ... blackmail, in short.
Residential example. He hid a piece of code that if a user with the nickname xxx enters the site, then delete the entire user database. And such Easter eggs can be placed in different places.
My competence does not allow me to examine the php code for such vulnerabilities.
What to do? How to trust the heart of your project to strangers? Yes, even acquaintances? Test server, of course. But then after all all the same you will transfer to yourself.
It is especially interesting how this issue is resolved on large sites. Can someone there take and fill up the site alone? In general, a very interesting topic in which I have no idea.
Perhaps you can advise what to read on this topic.
Smart, generous and sympathetic people. Thank you in advance))

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

3 answer(s)
Report
S
Satisfied IT, 2017-12-26
@Gryphonn

First, backups. Broke - fixed, sent an application to the cops and recovered from the backup.
From bookmarks, the presence of either knowledge or a second person who will work in a team will help.
Well, and most importantly - good relations with employees and not nayo ... with a salary, he promised - pay.

Report
K
Kirill Petrov, 2017-12-26
@Recosh

As a programmer, I have no idea how to search for bookmarks. For example, you can throw this into minified libs, and even with dependencies, that you will delete the bookmark in the form of a simple eval, and the whole site will be in errors ... Or you can just leave an unscreened variable and access the database through it ... Himself while I work alone, but the team is a matter of time.
I rely on a version control system, backups.
But I still don’t know how to protect myself from leaking information ...

Report
M
Maxim Kudryavtsev, 2017-12-27
@kumaxim

You need to make sure that your man has no motivation to set you up.

Similar questions
L
lukoie2014-10-03 22:23:35
How to find out exactly how the site was hacked, and how to protect it? 4Reply
V
v_prokopenko2016-11-17 11:07:47
New wordpress vulnerability? 2Reply
L
Log1c12019-04-16 14:14:58
How is VAC bypassed? 1Reply
A
Abdulyar2016-11-24 17:28:50
What are the first steps in checking the security of a PHP web application? 2Reply
C
cicatrix2019-05-06 09:44:34
Hacking attempt, what did the "hacker" want to achieve? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question