Solved

Error reporting

Posted on 2009-03-31
1
145 Views
Last Modified: 2012-05-06
Hi,
With regard security, I wanted to know wether it's secure to use if .. else to tell the user of my website wether there is a result or not? Is it a good idea to show a blank screen if there are no results or use if...else to show an error message.

Regards,
0
Comment
Question by:Shopies
1 Comment
 
LVL 19

Accepted Solution

by:
CoccoBill earned 125 total points
ID: 24036947
Error messages should give relevant and helpful information without revealing anything that might compromise the security. Usually internal system error messages should never be shown to the end user, instead use informative messages that are understandable to your users.

For example, "There are problems connecting to the database, please try again later." might be a good error message to the end user, but fairly useless to an admin. "SQLSRV02.domain.com responded with error code 0x800094383." is way too much information for the end user, but might be helpful to an admin.
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Security Overview Report 8 55
Web Fraud scenarios to PoC F5  web fraud prevention 7 39
how to remove .wallet ransomware 8 113
Showing random records from database 10 37
This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
With healthcare moving into the digital age with things like Healthcare.gov, the digitization of patient records and video conferencing with patients, data has a much greater chance of being exposed than ever before.
The viewer will learn how to count occurrences of each item in an array.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

825 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question