|
|
How to secure its website for free |
| |
| Contact |
- variables: The variables are potentially a flaw in the case of a website.
Especially the variables that pass through a url like: http://www.monsite.com/password?pwd=5643.
This way you can give anyone to know the contents of this variable.
One of the solutions are the session variables (in php).
- redirection: In case you unz login page (with a login and password) and in the case of an error password or login direct your visitor to a page 'erreur.La you allow your visitors without login and password to enter one of your prive.Il better in this case to ensure that the visitor without login and password does not pass the login page for a simple error message.
- Avoid pages with this: include ($ page). This way you can put anything in the variable $ page.
- It is also possible to use a ssl connection (cryptography) between the client and server.
- Finally, security flaws are not always our faute.Elles script can come from being installed in its code.
|
| |
| |
|
|
|