[Date Prev][Date
Next][Thread Prev][Thread Next][Date
Index][Thread Index]
RE: A Little OT: Server Security
- To: <ukha_d@xxxxxxx>
- Subject: RE: A Little OT: Server Security
- From: "Alex Monaghan" <ha@xxxxxxx>
- Date: Wed, 18 Jun 2003 15:50:51 +0100
- Mailing-list: list ukha_d@xxxxxxx; contact
ukha_d-owner@xxxxxxx
- Reply-to: ukha_d@xxxxxxx
Make sure you guard against SQL exploits, try googling for "SQL
Injection"
as you can potentially do lots of "nasty things" to your database
and / or
server even if you're going over a secure link :-)
The basic HTTPS setup should be straightforward, you can create your own
certificate, but if you accepting beer tokens, then you'll probably want to
go with something like verisign.
> -----Original Message-----
> From: Rob Mouser [mailto:rmouser@xxxxxxx]
> Sent: 18 June 2003 15:19
> To: ukha_d@xxxxxxx
> Subject: [ukha_d] A Little OT: Server Security
>
>
> Here at work we are developing an on-line ordering system which will
> link directly to our SQL server (We are populating our own web server
at
> present.). Can anyone point me in the direction of a good source of
> information (Basics upwards!) on the implementation of a secure site
> (I.e. HTTPS) as we seem to have something of a hole in our knowledge
> here :-( and I don't fancy a hole in our security (Ouch!)
>
>
>
> Thanks for all your time.
>
>
>
> Many thanks
>
>
>
> Rob
>
> _____
>
> Rob Mouser
> Director
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> _____
>
> The information contained in or attached to this email is intended
only
> for the use of the individual or entity to which it is addressed. If
an
> addressing or transmission error has misdirected this e-mail and you
are
> not the intended recipient, or a person responsible for delivering it
to
> the intended recipient, you are not authorised to and must not
disclose,
> copy, distribute, print or retain this message or any part of it. It
may
> contain information which is confidential and/or covered by legal
> professional or other privilege (or other rules or laws with similar
> effect in jurisdictions outside England and Wales).
>
> The views expressed in this email are not necessarily the views of
> Chamaeleo Ltd, and the company, its directors, officers or employees
> make no representation or accept any liability for its accuracy or
> completeness unless expressly stated to the contrary.
>
>
>
>
>
> [Non-text portions of this message have been removed]
>
>
>
> ** UKHA2004 BE THERE! ** - start planning now.
>
> http://www.automatedhome.co.uk
> Post message: ukha_d@xxxxxxx
> Subscribe: ukha_d-subscribe@xxxxxxx
> Unsubscribe: ukha_d-unsubscribe@xxxxxxx
> List owner: ukha_d-owner@xxxxxxx
>
> Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
>
>
Home |
Main Index |
Thread Index
|