keeping hackers off server
I have 5 Classic ASP pages,
1 has a script to generate an email automatically.
I wish to put this onto a server, but would like to know if it is secure (i.e. for hacking) - what should i have in my code to keep it tight?
That depends of implementation.
Here's some little known info that should be common knowledge, to help out.
First one isn't really helpful, I just had to say it: Hackers make things, It's crackers that break things (or break into them).
Second one is slightly more helpful: These naughty cracker type folks (the ones that know what they're doing anyway) tend not to use the code you write to break into servers directly as much as they use them as a means to reach a potential vulnerability already in the host machine.
For example, say you had an installation of some kind of mail server software on your host machine that had a security flaw of some type. If your page was for letting people send emails to you by typing it in on the page and clicking send or whatever, then they might use your page as a means of transporting their malicious code into the mail server software to invoke the vulnerability. It wouldn't have been your code that you wrote for the email page, but rather the email software its self that would have had the insecure code.
Your main priority in keeping things as secure as you can sould be to ensure that all the software on your host machine is as up to date (and mature) as possible. Sadly, unless you're maintaining the machine yourself, this probably isn't going to happen. I don't think I've ever seen a hosting provider keep everything that matters up to date.
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)