Skip to main content

Application Security

I like development more when I know my application will be subjected to a bigger audience either for tests or use. I bet every developer likes this at some point. I hate large numbers during development when the project itself is behind schedule though...because this is when you complete modules for ticks & gram and not fun. 
Sucks.
So, networking...I liked it also because of exposure. Was exposed to this environment so much. I did lots of it. Later found out I was working with less and less materials. I had nothing, in terms of materials, outside Cisco (they really have cool h/ware). Freeware was hard to come by too. I hated dealing with hardware and being platform dependent. Among the nice features a s/ware is to have, platform-independence is one of them. We’ll need something that runs even on mars. 

I kept the knowledge. Bumped into web development and liked it. Big user base..nice. Cross platform apps, sweet. In our last meet-up, we discussed about security and I had several tips on how to make your application air tight and still great to use. Sometimes compromise knocks. Note, there’s always more you can do than what I’m writing. We discussed:
l Input Sanitizing and Validation.
Casing an example, let’s say you want an ID number field. Is the field to accept numerics, alphabets, alphanumeric..and special characters? How many characters? What about html? Can it be same as email? Can it be pasted? 
l SQL Injection.
This is a cool test hack method. How good are you fetching data? How often? How many pages are handling CRUD functions? Can you bypass data fetch?
l Parameterized queries. 
This is where you break the query norm. Try to have staged queries. Have query statements separated. This is all about breaking down queries into chucks. MySqli & PDO is good at this. 
l Folder/File access(read/write) rights.
Where and who can write? I use 0755 permissions for folders and 0644 for files. Works good for me. 
Cache and temp folders are tricky to deal with. Test them nicely....

Popular posts from this blog

Marriage | Whatsapp forward

MARRIAGE.......

He was having his evening beverage

That's when she joined him.

"Hi there handsome, you're looking good. So fine I can eat you up" she said sitting down.

"I thought we agreed to keep away from each other? I am a married man" he told her.

" Come on. I won't bite. You can't resist me, no man can" she said.

"I am a married man" he told her.

"Fight all you want, but soon I will have you. I am way better than your wife" she told him.


"You are nothing compared to my wife" he told her off.

"Really? All this body. All these curves. All these sweetness. I bet your wife is not as good in bed as I am" she told him unbuttoning the top button of her blouse to reveal her cleavage, then lifting up her skirt, just a bit.

"If I was a lustful and unfaithful man, all that would move me. But I am too grown to be enticed by what you're showing off. I am a grown man, you think all that consumes my mind is s…

Why Bro Ocholla is Trending

Awesome day. Been happy, save for having a simple repetitive task. This means, I had time to find out why bro ocholla was [not] praying today.
A photo is worth a thousand words, so here you go.

that freaky htaccess

Htaccess - Evolved

The Hyper Text Transfer Protocol (HTTP) was initiated at the CERN in Geneve (Switzerland), where it emerged (together with the HTML presentation language) from the need to exchange scientific information on a computer network in a simple manner. The first public HTTP implementation only allowed for plain text information, and almost instantaneously became a replacement of the GOPHER service. One of the first text-based browsers was LYNX which still exists today; a graphical HTTP client appeared very quickly with the name NCSA Mosaic. Mosaic was a popular browser back in 1994. Soon the need for a more rich multimedia experience was born, and the markup language provided support for a growing multitude of media types.

Htaccess file know-how will do several things for you:

Make your website noticeably faster.
Allow you to debug your server with ease.
Make your life easier and more rewarding.
Allow you to work faster and more productively.
^AskApache Htaccess Journey

S…