1, the configuration file key information is encrypted: such as database connection account password
2, page source code sensitive information: such as modify Password page changes to see the source code is not clear
3, code comments sensitive information: Does not include such as: Intranet IP address, SQL statements, passwords, physical path, etc.
4, exception handling sensitive information: Error request return does not contain sensitive information such as: Server version
5, WebService page information: such as Axis released happyaxis.jsp can not directly access
6. Web Server status information: Error parameter request
7, upload directory and temporary directory Access
8, log directory, log files clear information disclosure
9, the common file storage format (such as database connection information, source on behalf of the dock file, etc.)