Summer vacation’s over? More and more SQL injection attacks observed
Since a week or so, I notice a huge increase in SQL injection attacks on various websites. Anyone else seeing the same SQL injection attacks lately? This increased SQL injection activity – on various web sites and databases – has the following characteristics:
How to put a MySQL server to sleep()
sleep() command injection attacks: how not validating your PHP user input can lead to Denial of Service (DoS) attacks against websites and back-end database servers. Simply by putting “
AND sleep(3)” in the address bar… Happy SQL injection!
.htaccess to secure your website
In this post I provide you with 7 .htaccess snippets to secure your website, by letting .htaccess act as a kind of Web Application Firewall (WAF). You can use this information to block out exploit- and rogue HTTP requests on your website.