XSS and SQL injection attack Prevention
A new problem has come into light in recent times related to defacing or modification of website data automatically and the problem is on rise. This problem is known as "Cross site scripting" or "SQL Injection" attack. These attacks are done by web users who can scan your website using some internet robots and can get hold of the coding and other relevant details about the server like web server version, scripts language and database type.Malicious codes as well as some scripts and Iframes that redirect to other sites containing virus gets embedded automatically for which they don't need any access to the server. These types of infection is called "Cross-site scripting" which operates on the vulnerability in the website and exploits them (like non filtered input in the search/ contact/ login/ any type of submit page). No firewall, antivirus, antispyware can protect this to happen. It can only be stopped by patching up the code vulnerabilities in your website. You can gather more information if you visit the below links:
- http://www.acunetix.com
Here you can know more about these problems in details and can download a free vulnerability scanner that you can use to scan your site and know those vulnerabilities and have to act accordingly. - http://www.google.com/webmasters/
Here you can login to the google webmaster tool using any of your existing Gmail account login to verify your website data. - http://en.wikipedia.org/wiki/Cross-site_scripting
http://en.wikipedia.org/wiki/Sql_injection
Here you can get extensive knowledge on "cross site scripting" and "Sql injection". - http://www.virtualforge.de/vmovie.php
You can download videos from this site related to cross site scripting attack.
Please lookout for some scripts in your Webpages like the one below:
Related Articles
Block brute force attack from Plesk firewall
Block brute force attack from Plesk firewall Issue: SMTP service has been receiving unauthorised brute force requests on the server Update 1: Below logs have been found from the maillog on the server May 15 12:13:44 host plesk_saslauthd[11425]: No ...Malware & Cross Site scripting attack in website
While browsing your website you can come across error message in your Mozila or Google Chrome web browsers. (fig 01 & 02) fig 01: attack reported on Mozila Firefox fig 02: attack reported on Google Chrome This type of message you can not see on ...MS SQL database creation
Log in SQL Server Management Studio to create database. Create a folder in "C:\SQLdomain\" as your domain name. C:\SQLdomain\testdomain.com Click right mouse button on Databases to open database menus and click New Database link. Assign a Database ...Remotely Connecting to SQL Server
Description: To connect to SQL server 2014 remotely you have to download “SQL server 2017 management studio express edition” and install it. To install it the prerequisite is .NET framework 4.7 to be installed in the computer then only u can install ...Truncate SQL DBs remotely without admin privileges
SQL Log: It records recent database transactions and is used to ensure database integrity in the event of a system restore, like database queries, updating/insertion/deletion of the records and all other database action. You can say it is a temporary ...