What could hackers do to a website and how do you protect my website from these attacks?

Although my site is still far from done, I've started thinking about web security. This site will be extremely public and contain important information people assume is true, that I wouldn't want hijacked. It'd be a disaster is this site got hacked, so I started thinking of some ways to protect it, or fight back. Everything has been made with dynamic html through PHP, except for error messages, which use javascript popup alerts triggered by PHP cookies. There are textbox forms and dropdown boxes, all encased with htmlentities to prevent code from being run. So I started thinking, "what are the ways that my site's security could be compromised, what weapons of choice do hackers use?" - I know about changing the source code of the site with tools like firebug or chrome for themselves, but that shouldn't matter because I use PHP, and I'm more worried about what EVERYONE sees. - They can use javascript injections - They could submit code to execute to the forms - They could DDoS the site, which would crash it and to which I don't know of any defense. But I really don't think I'd be dealing with a entire faceless group of internet megaterrorists. - They could change the html of email submission forms to get my password sent to me (them). - They could bruteforce my password for the server/ftp, but I use strong passwords by using all types of characters on a US keyboard. So what are the ways can I protect my site from being hacked? What are all the ways (or general tactics and categories) that hackers choose to destroy or exploit sites? Are any of the things from the list of defense traps a good or possible idea??
I'd start with OWASP: owasp.org/index.php/Main_Page

以上就是What could hackers do to a website and how do you protect my website from these attacks?的详细内容,更多请关注web前端其它相关文章!

赞(0) 打赏
未经允许不得转载:web前端首页 » JavaScript 答疑

评论 抢沙发

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址

前端开发相关广告投放 更专业 更精准