1) form data validation. To check any data, accept all acceptable data, reject all unacceptable data;
the first station
is divided into 3 stages to explain the author’s own views. Respectively during the establishment period, on-line operation period.
3) on the database. No database directly through the IE download, set the server to prohibit certain types of files to download, limited database user permissions, corresponding to the corresponding permissions.
1, website source code. We are looking for more well-known source code to modify when searching for the source code, do not easily download personal development program. Can to some large source station to download, this site source they tested. Download the source code to use antivirus software to scan, regardless of no use to mean under. Then in the local debugging, for all Bug and loopholes, don’t wait to modify the Bug line, then there is no security problem, the search engine user experience is not good
is the above points, the author briefly mention there are many, such as: the configuration file security problem; the back page of the authentication and authorization; XSS attack; folder directory and security permissions; several key data encryption and so on. The reason is because of its own technology.
we all know the premise of Shanghai dragon is the largest of his own website. The website come from? Now you believe there is two kinds: one is the website to download the source code to modify, two is to develop their own website. The two station channel has the security problems of large, if everyone in the site did not consider the safety, is very bad to do after optimization of Shanghai dragon will.
2) using the verification code. For registration, issued all user behavior verification code verification, to prevent the release of robot.
4) injected anti SQL statement. The author of the SQL injection is not very understanding, so here not elaborated, please refer to the specific content of the Shanghai Encyclopedia of knowledge of love.
. Write their own code development site is relatively high technical requirements, but most programmers although the code is very good, but for safety and friendliness of the Shanghai dragon grasp is not very good. We all know that the development of the language used in many websites, what PHP, JAVA, ASP,.NET and so on. No matter what language in the development time to consider security issues.
!2, to develop their own website The
known as the Shanghai dragon is the search engine optimization, is the content and the chain. Before the Shanghai dragon and the security of the site seems to be little relation with the development of Internet technology, more and more new technologies emerge, let Shanghai dragon has become more diversified, not only limited to the content and the chain. Today I will talk about the safety and Shanghai dragon and website have what relation.