tjgquicken
asked on
How do I hack into my website
Hi.
I have a web application that I'm building with PHP on the server side and Javascript/AJAX on the client side. It's my first large-scale web application and I want to be sure that it's secure -- but I'm not entirely sure how to do this. I have a bunch of client side tests that leave me reasonably convinced that the web interface won't let users perform actions that they're not authorized to do, but what I'm not sure about is if someone manages to access my server bypassing the web interface... for instance, what if someone were to telnet into my site and send an HTTP request like POST /php/delete_user.php HTTP/1.1 or something?
I'm not even sure what all the possible scenarios are here, so can anybody recommend a place to start with this kind of anti-hacker testing?
Thanks.
I have a web application that I'm building with PHP on the server side and Javascript/AJAX on the client side. It's my first large-scale web application and I want to be sure that it's secure -- but I'm not entirely sure how to do this. I have a bunch of client side tests that leave me reasonably convinced that the web interface won't let users perform actions that they're not authorized to do, but what I'm not sure about is if someone manages to access my server bypassing the web interface... for instance, what if someone were to telnet into my site and send an HTTP request like POST /php/delete_user.php HTTP/1.1 or something?
I'm not even sure what all the possible scenarios are here, so can anybody recommend a place to start with this kind of anti-hacker testing?
Thanks.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.