Web Security

[Vikz 0]

Anyone have some advice to make my own website more secure from attack like MySQL Injection?

[Knight444 0]

I would suggest cloudflare for website protection

[FaithMan 17]

From what I know IPS or any other CMS have fairly good protection from MySQL Injection, you should probably worry more about some kind of network attack.

[Elvag 1]

protecting yourself from things like mysql injection........ thats funky just make sure everything is up 2 date like your mysql or maria db's etc but my 2 cents for web security is

if you do not need ssh access aka remote access 2 the server disable it immediately, this is solid advice i have been brute forced more times than u can imagine simply because i had remote ssh access enabled. 
also if you are going too use ssh remember that Using public key authentication for SSH is far more secure than using usernames and passwords to authenticate.

finally if you do not need remote mysql database access than disable it by setting bind-address=127.0.0.1 in my.cnf configuration file

Edited April 24, 2019 by Elvag

[bykamn 0]

Don't use passwords ever. SSH keys only. 

 

Passwords for things like root accounts to forum softwares/mysql users/ etc, I reccomend going to a password generator and generating a fairly long password for EACH account and keeping them in a neat notepad document or something.

[mast100 0]

SSH key is safest way to connect to ur ftp.

 

Cloudflare is very good at ddosing, but u have to write clean code without sqli etc.

Rest should be just fine.

[livedigi 2]

You didn't told us in what your website is built (php, asp.net etc.)

[RevoltSec 0]

I would suggest Cloudflare Protection, but you could just also google about website protection.

[Meehoweq 1]

SSH keys instead of plain passwords, CF as a web proxy, don't ever trust user input if you're coding something on your own - always escape any characters, any suspiciously looking shit.

[nowthisisepic 0]

Always use open source software when you can, That way you can fix any holes the original creators might have not found. Also do what Meehoweq said about escaping characters etc...

[cnglow 0]

Only use SSH keys.

[Hiro. 0]

Cloudflare seems like its one of the best right now.

[felix ulrich 5]

Use bitninja.io and kernelkare if you have your own server. bitninja also has WAF to use with webserver for increased security. Maybe also, consider using docker if you use several web apps. Can increase security through containerizing.

[Kojixus 0]

Cloudflare doesn't do that much with my MySQL Injections, you just have to setup it up properly its like the same thing with php if you can code it really good you won't have any issues

[Shirayukiie 0]

Keep yourself patched and always be up to date with any exploitations on the software u are running, and also firewalls can help.