Website program Security

Source: Internet
Author: User
Tags website injection

WebsiteProgramSecurity considerations!

No website injection vulnerability,
No upload vulnerability,
Cookie fraud,
No brute-force database vulnerabilities,
No brute-force Path Vulnerability,
Eliminate cross-site vulnerabilities,
Prohibit external connections such as post or get,
Verification Code restrictions,
Prevent websites from having wrong scripts,
No framework technology is used,
The/a. asp/class directory cannot be created in the background to Prevent IIS from parsing jpg or GIF and other image files as scripts.
After the backup is disabled, script files such as A. asp or a. Asa are not allowed,
The default database table names are non-universal table names, column names, and fields,
The website administrator and user password are encrypted using MD5 or other more secure encryption methods,
The website management page is not a Common Logon page and the path can be modified,
The management page can restrict security measures such as IP login or authentication login,
The program does not have any anti-virus software suspicious objects, so it can prevent vulnerable page connections such as upfile. asp by default,
Website structure properly prevents page scanning tools from scanning,
Prevents the replication site from viewing source files by text and restrictions,
Prevents important core data from being collected and does not affect search engine indexing,
Image anti-theft connection and watermark function.
Interactive location or search location such as comments on the website. You can restrict Custom Words and symbols in the background.
The background has the function of disabling external IP Access.
The website can be customized. You can enable or disable the site, and enable or disable user registration for debugging.

..................................... .............................
Hello everyone, I'm Yuan. The tutorials I bring to you today are about website intrusion. It's easy for cainiao to understand at a glance. The tools used in my exercises include the startup editor ASP, Trojan Horse, and chicken.
/admin/upfile_flash.asp
keywords: qingdao enterprise Post Office enterprise honor marketing network product category Information Feedback Contact Us favorites site
I will first open the chicken
then add the suffix under/admin/upfile_flash.asp add this to
The keyword is Shanxi enterprise Post Office enterprise honor marketing network product category Information Feedback Contact Us To favorites this site
I am here to search for the next point and then open the bright boy point to wear no vulnerabilities to fill in my door continue depressed again
I finally found one and saved it again! It's so easy to open the door.
This is the tool used to hack into a website. You can go to my website to download an unusual hacker base www.ssbyb.com
My QQ 282728773 QQ Group 19368112 33088090
886 unusual hacker base www.ssbyb.com

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.