Website Security

JamesU2005 · 10 Jan 2008 at 22:38

All,

I know the problems web developers can have with SQL injection and other security attacks through allowing users to upload, etc, etc.

I just wondered how people on this forum tested their site for security issues. I hope to release a site one day to the public that allows uploads. The knowledge to program such a site does not worry me but the security issues do very much.

Any particular methods, or perhaps even software to test your own sites?

Cheers,

Ross1234 · 10 Jan 2008 at 22:41

if you are worried you should have a secure connection for uploading or something

zinc · 12 Jan 2008 at 07:07

If your using PHP with SQL I found this site very useful, not only for PHP and SQL security but for web security in general:

http://www.ilovejackdaniels.com/php/writing-secure-php/

It talks about SQL injection a bit down the page

Sic · 12 Jan 2008 at 09:34

rob wrote a pretty decent article on php security which should get you to grips with the basics of what you're protecting against, at least

Immsy · 12 Jan 2008 at 10:05

Sic said:
rob wrote a pretty decent article on php security which should get you to grips with the basics of what you're protecting against, at least

That really is an excellent article, well written and well explained.

JamesU2005 · 13 Jan 2008 at 19:21

Immsy said:
That really is an excellent article, well written and well explained.

Just had a quick read. Certainly seems an excellent article.

Will be implementing them all.

marc_howarth · 13 Jan 2008 at 19:50

indeed a superb article, has helped me understand a lot of code that i was seeing written on here and the reasons behind it

thanks for the link