I am building a text sharing site where users will upload their text files.
I want to know the ways someone can attack my database and the text files stored on my server, and the ways to protect them.
Make sure you use PDO for database interaction
(this will protect you from attacks such as MySQL injection).
Use .htaccess to gain more control.
(It is always good practice to hide the design structure of your application from the public. You can try using mod-rewrite to rewrite your URLs, or, using .htaccess, you can deny users permission to access the files directly.)
Use Object Oriented Programming
Object Oriented Programming was invented for a purpose; make use of it.
Make sure you use a design pattern for your application.
Adopting design patterns by adhering to standards makes your site less vulnerable to attacks. There are various design patterns you can use with your application, such as the Singleton pattern, the MVC pattern, etc., while MVC is widely adopted and used by various PHP frameworks.
There are various PHP frameworks available to take care of most of these things. It is of no use trying to reinvent the wheel. Try using a framework; CakePHP is what I personally recommend, otherwise you can try CodeIgniter or Symfony as well.
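
As an added example (not part of the original answer), here is the PDO advice shown as a string-built query beside a prepared statement. The `pastes` table, its rows and the function names are constructed for illustration, and an in-memory SQLite database is assumed so the script runs offline.

```php
<?php
// Added example: constructed schema and data, in-memory SQLite (requires pdo_sqlite).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

$pdo->exec('CREATE TABLE pastes (
    id INTEGER PRIMARY KEY, owner TEXT, title TEXT, is_private INTEGER)');
$pdo->exec("INSERT INTO pastes (owner, title, is_private) VALUES
    ('alice', 'shopping list', 0),
    ('alice', 'api notes', 1),
    ('bob', 'draft', 1)");

// Weak form: the user-supplied value is concatenated into the SQL text,
// so the database parses it as part of the statement.
function findPublicUnsafe(PDO $pdo, string $owner): array
{
    $sql = "SELECT title FROM pastes WHERE owner = '$owner' AND is_private = 0";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Hardened form: the SQL text is fixed and the value is sent as a bound
// parameter, so it can only ever be compared as data.
function findPublicSafe(PDO $pdo, string $owner): array
{
    $stmt = $pdo->prepare(
        'SELECT title FROM pastes WHERE owner = :owner AND is_private = 0');
    $stmt->execute([':owner' => $owner]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed hostile value for the owner field.
$input = "x' OR 1=1 --";

// The quote in $input closes the string literal; the rest is parsed as SQL
// and the trailing comment marker drops the is_private filter.
echo "unsafe: ", json_encode(findPublicUnsafe($pdo, $input)), PHP_EOL;

// The same input is treated as a literal owner name and nothing else.
echo "safe:   ", json_encode(findPublicSafe($pdo, $input)), PHP_EOL;

// Normal use of the hardened query still honours the privacy filter.
echo "alice:  ", json_encode(findPublicSafe($pdo, 'alice')), PHP_EOL;
```

With MySQL, the same `prepare`/`execute` calls apply; only the DSN passed to `new PDO(...)` changes.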