
Top tips for secure web applications [closed]

I am looking for easy steps that are simple and effective in making a web application more secure.

What are your top tips for secure web applications, and what kind of attack will they stop?

397 likes
Oded asked Sep 06 '08 08:09




1 Answer

Microsoft TechNet has an excellent article:

Ten Tips for Designing, Building, and Deploying More Secure Web Applications

Here are the topics for the tips answered in that article:

  1. Never Directly Trust User Input
  2. Services Should Have Neither System nor Administrator Access
  3. Follow SQL Server Best Practices
  4. Protect the Assets
  5. Include Auditing, Logging, and Reporting Features
  6. Analyze the Source Code
  7. Deploy Components Using Defense in Depth
  8. Turn Off In-Depth Error Messages for End Users
  9. Know the 10 Laws of Security Administration
  10. Have a Security Incident Response Plan

79 likes
Espo answered Sep 27 '22 22:09