The forums ran from 2008-2020 and are now closed and viewable here as an archive.
Hi,
I would like to know how you would test applications and websites for security?
Can you recommend the best way of testing web applications for vulnerabilities?
Thank you
From
James Burton
A pretty good question that I unfortunately don’t have an answer to. I don’t build any web apps, so I’ve never really ‘tested’ anything there.
In WordPress I make sure to read a few security articles before going live and implement a few things, but that’s really about it.
I should probably take it a little more seriously!
Some of the backend guys around here might have a better idea.
@traq, I suppose you are talking about dynamic websites. I have a related, but different question here: https://css-tricks.com/forums/discussion/26912/website-hacking-i-have-a-question
Hi, you should escape any data from your web application inputs and outputs:
if you are using MySQLi, use the real_escape function
if you are using PDO MySQL, use quoteInto
and we have some functions in PHP, and you can even write your own preg_match and your own security function;
you should escape any execute syntax, style sheet, HTML comment tags, JavaScript tags and so on… functions and any special characters
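
An added example, not part of the thread: one way to handle the input and output sides the last post describes, using PDO bound parameters for the database, a `preg_match` allow-list for an id, and `htmlspecialchars` for HTML output. The in-memory SQLite database, the `comments` table, and the helpers `parseId`, `h` and `renderComment` are assumptions made for illustration, and the sample input is constructed.

```php
<?php
declare(strict_types=1);

// Assumption: the pdo_sqlite extension is available; an in-memory database
// stands in for the MySQL server mentioned in the thread.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE comments (id INTEGER PRIMARY KEY, author TEXT, body TEXT)');

// Constructed sample input containing SQL and HTML metacharacters.
$author = "O'Brien";
$body   = '<script>alert(1)</script> & "quotes"';

// Input side, database context: bound parameters keep data out of the SQL text.
$insert = $pdo->prepare('INSERT INTO comments (author, body) VALUES (:author, :body)');
$insert->execute([':author' => $author, ':body' => $body]);

// Hypothetical helper: accept only a plain positive integer as an id.
function parseId(string $raw): ?int
{
    return preg_match('/\A[1-9][0-9]{0,8}\z/', $raw) === 1 ? (int) $raw : null;
}

// Hypothetical helper: encode a value for the HTML body or a quoted attribute.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Hypothetical helper: validate the id, query with a bound parameter,
// and encode every stored value at the point of output.
function renderComment(PDO $pdo, string $rawId): string
{
    $id = parseId($rawId);
    if ($id === null) {
        return '<p>Invalid comment id.</p>';
    }
    $select = $pdo->prepare('SELECT author, body FROM comments WHERE id = :id');
    $select->execute([':id' => $id]);
    $row = $select->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        return '<p>Comment not found.</p>';
    }
    return '<p><strong>' . h($row['author']) . '</strong>: ' . h($row['body']) . '</p>';
}

echo renderComment($pdo, '1'), PHP_EOL;        // stored markup is encoded, not executed
echo renderComment($pdo, '1 OR 1=1'), PHP_EOL; // rejected by the allow-list check
```

The stored value is kept exactly as submitted; encoding happens only when it is written into HTML, so the same row can be encoded differently for another output context.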