| | THREAD STARTER #1 (permalink) |
| Account Closed Join Date: Feb 2006
Posts: 272
| Please test my site's security. Hi, I am looking for you programmers to test out the security of my new site. http://www.classpile.com/dev/taglinks/ The site is on a test server atm, that's why I want the security tested, so I can have it as secure as possible for when I launch it. Please PM me your results. Regards |
| |
| | #2 (permalink) |
| NamePros Regular Join Date: Feb 2006 Location: Montreal, Quebec, Canada
Posts: 324
| It looks OK for me in FF but not in IE. If you're using CSS, shrink the size of your main div, I think. Does the search work?
Last edited by Noobie; 08-17-2006 at 04:48 PM.
Reason: spelling
|
| |
| | #6 (permalink) |
| Eating Pie Join Date: Nov 2004 Location: Canada
Posts: 2,272
| Your site's login box doesn't seem to allow SQL interjections, so a good for that. I checked a few things and they all are a good. So I do not see any clearly visible security issues. - Steve
__________________ I feel old. |
| |
| | THREAD STARTER #7 (permalink) | ||||
| Account Closed Join Date: Feb 2006
Posts: 272
| rep points added |
| |
| | THREAD STARTER #9 (permalink) | ||||
| Account Closed Join Date: Feb 2006
Posts: 272
| |
| | #10 (permalink) |
| NamePros Regular Join Date: Apr 2006
Posts: 363
| Yes and no. It gives me information, as in, if say I come across a cpanel login, I know what username to try. If I come across a vulnerability with file viewing, I know the exact path to your site from the server and can backtrace from there. If your host allows connections from other networks by default, I could gain access to your mysql database, especially since it's not using a password. All this can be fixed by simply adding intval() to sanitize it into a number. Cheers, Bax |
| |
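The intval() fix suggested in post #10, as an added example that is not part of the thread: it shows that intval() coerces junk input instead of rejecting it, and pairs strict validation with a bound parameter and disabled error display so error text does not reveal paths or database user names. The parameter name `id`, the `links` table and the in-memory SQLite database are assumptions for illustration; the same PDO calls apply to MySQL.

```php
<?php
// Added example, not code from the thread. The parameter name "id", the table
// "links" and the in-memory SQLite database are assumptions for illustration.

// Keep SQL/PHP error text (server paths, DB user names) out of responses.
ini_set('display_errors', '0');
ini_set('log_errors', '1');

/**
 * Return a positive integer id, or null when the raw value is not one.
 * intval() alone coerces silently: intval("7abc") === 7 and
 * intval("abc") === 0, so junk input is accepted as a different id.
 */
function parse_id($raw): ?int
{
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

function find_link(PDO $db, $raw): ?array
{
    $id = parse_id($raw);
    if ($id === null) {
        return null; // caller answers with a generic 404, no error detail
    }
    // Bound parameter: the value never becomes part of the SQL text.
    $stmt = $db->prepare('SELECT id, title FROM links WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE links (id INTEGER PRIMARY KEY, title TEXT)');
$db->exec("INSERT INTO links (id, title) VALUES (7, 'constructed sample row')");

// Constructed inputs: a valid id, trailing junk, non-numeric, negative.
foreach (['7', '7abc', 'abc', '-1'] as $raw) {
    $row = find_link($db, $raw);
    printf("%-7s intval=%-3d result=%s\n", var_export($raw, true), intval($raw),
        $row === null ? 'rejected/not found' : $row['title']);
}
```

Only `'7'` returns the row; `'7abc'` would have been silently treated as id 7 by intval() alone.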