Conclusion

Previous page
Table of content
Next page

In this chapter, I have tried to demonstrate that the only way to create reliable protection for a Web application against external attacks is to write appropriate code.

Other methods for filtration of unwanted information based on external filters, HTTP server settings, and other techniques can complicate the attacker's task, but they cannot stop him or her. At the same time, they complicate the development and maintenance of the system and the addition of new modules to it.

In essence, when you enable additional security modules and enforce restrictions in configuration files, you have to find a compromise between the questionable protection and the convenience for the programmer who uses the system's features. You should enable such security modules only when it is impossible to check an existing system for security or to abandon it. In this case, be aware that you don't obtain a guarantee for the system's security, and it is likely that overly strict server settings can prevent the system from working.


Previous page
Table of content
Next page
Hacker Web Exploition Uncovered
Hacker Web Exploition Uncovered
ISBN: 1931769494
EAN: N/A
Year: 2005
Pages: 77
BUY ON AMAZON
High-Speed Signal Propagation[c] Advanced Black Magic
Identifying and Managing Project Risk: Essential Tools for Failure-Proofing Your Project
VBScript Programmers Reference
Practical Intrusion Analysis: Prevention and Detection for the Twenty-First Century: Prevention and Detection for the Twenty-First Century
Wireless Hacks: Tips & Tools for Building, Extending, and Securing Your Network
After Effects and Photoshop: Animation and Production Effects for DV and Film, Second Edition
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy