5 replies to this topic

[Turk4n]

Not 100% secure, but still secure against most script kiddes?
I mean my friend is asking me, and I am telling him things I expect him to know since he likes to brag about coding, now he wants to secure his not done site, against MySQL injections and normal code errors?
Myself never cared since I have no hopes with php and html, knowledge LOW.
So I am asking you C.C do anyone with great knowledge could possible share me with it?

Thanks in advance !

[Brandon W]

There are many different tutorials on CC that will help your friend prevent SQL Injection. Has he done anything with PHP to secure his site?

[Turk4n]

Brandon W said:

There are many different tutorials on CC that will help your friend prevent SQL Injection. Has he done anything with PHP to secure his site?

Not of what I have heard, I would really tell you that he has no skills within PHP however I beleive if he lays a certain amount of time, he might learn somethings practical useful !
Also I will check all the tutorials and check if they are useful, for him !

[Brandon W]

Not a bad idea, also if he is committed you might want him to read this area of the PHP documentation;
PHP: Security - Manual

[TkTech]

If he has a production site, I can test it for him, including XSS, LFI & RFI, the works. I've been building a vulnerbility penetration suite for days with some buds on Rohitab.

[Turk4n]

TkTech said:

If he has a production site, I can test it for him, including XSS, LFI & RFI, the works. I've been building a vulnerbility penetration suite for days with some buds on Rohitab.

He is more of private person, doing it just for fun, he will host game servers/blog servers and some tutorials. However I haven't asked so much about it.
I could tell him when he is done there are kind people enough to try out his site, so he knows how secure it might be !
Thanks TkTech