Solved

Error reporting

Posted on 2009-03-31
1
150 Views
Last Modified: 2012-05-06
Hi,
With regard security, I wanted to know wether it's secure to use if .. else to tell the user of my website wether there is a result or not? Is it a good idea to show a blank screen if there are no results or use if...else to show an error message.

Regards,
0
Comment
Question by:Shopies
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 19

Accepted Solution

by:
CoccoBill earned 125 total points
ID: 24036947
Error messages should give relevant and helpful information without revealing anything that might compromise the security. Usually internal system error messages should never be shown to the end user, instead use informative messages that are understandable to your users.

For example, "There are problems connecting to the database, please try again later." might be a good error message to the end user, but fairly useless to an admin. "SQLSRV02.domain.com responded with error code 0x800094383." is way too much information for the end user, but might be helpful to an admin.
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this blog we highlight approaches to managed security as a service.  We also look into ConnectWise’s value in aiding MSPs’ security management and indicate why critical alerting is a necessary integration.
Let's recap what we learned from yesterday's Skyport Systems webinar.
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…

632 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question