Since a week or so, I notice a huge increase in SQL injection attacks on various websites. Anyone else seeing the same SQL injection attacks lately? This increased SQL injection activity – on various web sites and databases – has the following characteristics:
…MySQL sleep() command injection attacks: how not validating your PHP user input can lead to Denial of Service (DoS) attacks against websites and back-end database servers. Simply by putting “AND sleep(3)” in the address bar… Here is how to put a MySQL server to sleep, happy SQL injection!
Here are 7 .htaccess snippets for you to secure your website, by using .htaccess as a kind of Web Application Firewall (WAF). You can use this information to block exploits and rogue HTTP requests on your website.
…7 Snippets to use .htaccess as a Web Application FirewallRead More »