+ 2
List of methods to secure webapp
Hi there! I would like to make/share list of methods which I can use to secure website application opened to internet. I know, we can see XSS, SQL Injections, clickjacling, etc. But, this is hacking methods, not the methods to secure my web for them. I think, we have two categories to sort them: 1) Programming side 2) Server-side (server configuration) Please share any idea or experience which you have, to secure your webapp. Thanks!
1 Resposta
+ 2
Now I can remember:
1) Programming side:
- Prepared statement
- Regexp in input field
- Make refresh UID token to user SESSION
2) Sever-side
- Secure webserver to NO output version and any kind of config.
- SSL
- .htaccess
- Secure frames (HTTP headers) to prevent JavaScript clickjacking