1. encryption of key information in the configuration file: for example, database connection account password
2. Page source code sensitive information: for example, you can view the source code without any knowledge when modifying the password page.
3. code annotation sensitive information: Does not include Intranet IP addresses, SQL statements, passwords, physical paths, etc.
4. Sensitive Information of Exception Handling: The returned error request does not contain sensitive information such as the server version.
5. WebService page information: for example, happyaxis. jsp published by axis cannot be directly accessed.
6. Web server status information: Incorrect Parameter request
7. Upload directory and temporary directory access
8. log directory and Log File plaintext Information Leakage
9. Public file storage formats (such as database connection information and source code header files)