Web Security: How SQL Injection is done

SQL injection is one of the most common website exploits. For us developers to prevent SQL injection attacks, we must first understand how they are done. Together, let’s review the basics of SQL injection. Remember, let’s use our knowledge for good things only, okay? The scope of this post is only a MySQL injection sample from […]


Prevent direct access to directories of subdomains

From my hosting platform (e.g. cPanel), I created two subdomains for web apps. The web apps reside in the following directories:

/foo/bar/app_one/
/foo/bar/app_two/

And the subdomains I created are accessed through these URLs:

http://app_one.bar.domain.com (pointing to the /foo/bar/app_one/ directory)
http://app_two.bar.domain.com (pointing to the /foo/bar/app_two/ directory)

For security purposes, I don’t want anyone to access the web app […]
