Security | data | database | Database Security | The problem is that many people are worried about the security of the database! In general, everyone is the name of the database suffix is very complex, and then the suffix name should be. ASP, but this is not absolutely safe! The answer is yes, it's definitely not safe! Because when someone guesses your path, then you can use it after downloading the name of the database!
Someone's using it again. #*.aspAs a database storage mode, because according to IE coding principle, #后面的东西是不会下载的, but the average attacker knows # in IE decoding is %23, so once he entered %23*.aspStill can give you to download your database, so the above methods are not!
Now let's introduce one of my methods,
First of all, we need to know that the browser encountered an ASP will not think of the explanation, so your file suffix but still can be explained by the browser, once people download your file can still use, then based on this we First, create a new table in the database named Notdownload then add a <%= ' a ' =1%> in this table as long as it's not the right ASP statementSo that once he guesses your database, in the browser to enter your database path alone, because the browser will explain the ASP statement, but suddenly encountered one of your fault statement old will stop, and will be prompted to error, and there is no type of error, can not read out of course will not be downloaded!
Some people start to worry that the database will not be affected by the use of, of course, because you are not alone to let the browser to explain your database, but each time it is a purposeful call to a table, so will not read out your error table information, so the database can still be used,
For further security, we still have to set a complex name, and still precede with a #,
Anyway, that's what the database looks like.
#45sdf34 #$%@#$.asp There is also a table in the library
There is an incorrect ASP field in the table
Do not think that encryption, especially the use of access to small Web sites, is very safe, online password-breaking software n more! Of course, it is best to add the password, but also the number/letter and special letters combined!
You can try, if so others can download the database, I can only say that you are a master, the above set enough to withstand the majority of undesirable molecules pull
Hey!
If there are questions welcome to email and I discuss!
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
A Free Trial That Lets You Build Big!
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
