Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I’ve been working on a script for some time now, making sure it’s as secure as possible. My only problem is, how do I know if it’s secure? I can’t find anything online.
My script is a user management script, not for use, merely for practice.
I want to test for as many security holes as possible. XSS, CSRF, Session fixation/hijacking (important).
Your question is way too open to be answered in-depth here. However, here are some guides on how to protect against the possible attacks you mentioned:
Remember: No system will ever be 100% secure. But these should be a good start. And here are some basic things to keep in mind/to always do, like certain types of validation, etc.