woot586 woot586 - 1 month ago 20
PHP Question

Testing against hacking attempts

I want to make sure my site is protected against hacking attempts and I think the best way to test is to try and hack my site myself. What sort of things do hackers do to try and hack my site?

E.g.,

Test -
they might put javascript in a input field e.g.,

<“open javascript tag">window.location = “www.somewhereelse.com”;<“end javascript tag”>


Protection -
Use php htmlentities function before displaying data.

What other things can I test against to make sure my site is safe?

Answer

You will find an extensive list of attacks here: https://www.owasp.org/index.php/Category:Attack