Ensuring the code safety - Webmaster. Help

Üzgünüz, bu belge Türkçe diline henüz çevrilmedi.
Sayfada belgenin varsayılan dili gösterilmektedir: İngilizce.

Working with Yandex.Webmaster

Site security

Ensuring site security

Ensuring the code safety

The article "Ensuring a website safety" is provided by Sophos Plc and SophosLabs.

December 2007.

Developing a secure code is not always as easy as it seems. For this, you need not only experienced programmers but also the knowledge about specific security problems [12]. There are many books about secure code development. Here we just present the basics [13].

Always disable global variables since they can be intentionally initialized with a forged GET or POST request.
Disable error messages. Instead, write error information in a log file. Error information may allow the attackers to provoke a similar problem and use it for finding other vulnerabilities.
Don't trust the data provided by the users as secure. Remove special SQL characters and escape sequences using filters.