Answer the question
In order to leave comments, you need to log in
T
T
TheHorse2012-11-28 14:52:37
TheHorse, 2012-11-28 14:52:37
Vulnerabilities and attacks on the web?
Good day.
I'm using CodeIgniter with XSS filters, filtered DB queries, don't trust inputs; know about/believe protected from: XSS, php/sql-inject, HTTP Response Splitting, CSRF. The site works on HTTPS.
But I need a little more paranoid protection. And so I ask:
1. What other popular types of vulnerabilities are there in the context of websites?
2. What are some security jokes about php itself?
3. Where to read about all this?
9 answer(s)
@FurryCat
@stan_jeremy
@lubezniy
@Mike_Bazhenov
@Pushkind
@LukaSafonov
F
FurryCat, 2012-11-28 @FurryCat
Check out the site www.owasp.org
It is designed to answer just such questions. True, it is in English.
S
stan_jeremy, 2012-12-01 @stan_jeremy
It would be easier if you showed the site, and people would look at it%)
L
lubezniy, 2012-11-28 @lubezniy
Maybe an executable downloaded as a picture? True, this is an attack, rather, on the client browser than on the server,
M
Mike_Bazhenov, 2012-11-28 @Mike_Bazhenov
is there ajax? Also check that you don’t do too much without authorization ...
P
Pushkind, 2012-11-28 @Pushkind
Clickjacking (X-Frame-Options header), DOM XSS, look at the Content Security Policy, useful stuff.
L
Luka Safonov, 2012-11-30 @LukaSafonov
Credential/Session Prediction
XML External Entity Attacks
LFI over PHPinfo
Weak passwords
Similar questions
A
T
A
A
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question