1, security configuration of the database, such as the account /password /permissions used by your program to connect to the database, if you are browsing the news, you can use read-only permissions; you can use different accounts /permissions for different modules In addition, which stored procedures of the database can be called, but also strictly configured, not all disabled (especially cmd), to prevent system calls using the database stored procedure after injection;
2. When obtaining the parameters submitted by the client, perform strict filtering, including parameter length, parameter type, etc.;
3. Strict protection for the administrator background. If conditions permit, it should be set to only Allow specific IP access (for example, only allow administrator network segment access) —— this should be based on actual conditions;
4, security configuration of the operating system to prevent the function of calling the system after injection For example, transfer
cmd.exe/tftp.exe/ftp.exe/net.exe
to all other directories and make the directory Privilege assignment;
5, set network access control;
6, if possible, configure content filtering for HTTP, filter viruses, malicious scripts, etc.;
7. If necessary, you can consider choosing HTTPS, which can prevent many injection tools from scanning. When I developed the injection detection tool myself, I thought about supporting HTTPS, but it has not been implemented yet.
I believe you also see it. In general, the program mainly considers permissions, parameter filtering, etc. The permissions mainly include IIS browsing permissions and database calling permissions. In addition, consider the security configuration of the database and operating system. In addition, I don't know if you will use components developed by others during the development process, such as image uploading. Have you studied the security of such components? Or most people will use them during the development process. The open code provided on the Internet, in the book, such as user login verification, etc., these public code, also to study its security issues.
There are five basic ways to dissipate a blade server. Once one of these methods is selected
Experimental software environment: virtual machine Vmware Workstation10.0, CentOS 6.5 32 bit 1, auto
The role of the DHCP server: DHCP server Needless to say, without running a DHCP server, IP
Linux supports Chinese, modify /etc/sysconfig/i18n file LANG="zh_CN.GB18030" SUPP
What should I do if the server is down? Server failure emergency plan
IIS server backup and recovery settings instructions
How to configure the network server
Server virtualization knowledge
Avoiding the real "virtual" VMware super practical skills
The server must know a few knowledge
Hyper-V Replica resynchronization process detailed
Brief introduction to server performance testing tools
Blade server hard disk boot Linux independent installation (2)
How to do black bars on the right side of the browser after Win7 system upgrades IE10
Lenovo Y485P upgrade Win8.1 wireless network card is not connected to what to do?
VMware Workstation 8 Installing Windows 8 Tutorial
Win8 Modern game can't archive solution
Win7 how to upgrade the flash plug-in
How to obtain file management ownership in Windows 7
What should I do if the Win10 system TH2 version is upgraded with a power outage?
Win7 broadband speed method and Internet accelerator principle
Quickly solve the win8 system.exe program disk usage 100% tutorial