Keighlea said:
Indecent Act said:
Funny thing is most users are worried about seedy sites. But with my site for example I'm letting strangers write data to my hard drive. I'm the one at risk, every visitor must be treated as a potential threat.
It's a different perspective from a web site owner's point of view. Hard to imagine letting random strangers write stuff on your home computer, when you're not even there. You'd have to be insane to do that right?
That's how it is for many websites, oh I don't claim to be in any way sane btw
Miss Lioness said:
Would it be possible to add a Guthix symbol instead of the emissary symbols?
I'll see if I can add a Guthix symbol. I have some limitations as to how I assign the symbols to the avatar code (the first digit of avatar code represents the icon).
Numbers 2-9 have already been assigned and 1 is no icon. That leaves 0, and zero will work but I have had issues in the past with leading zeros at the beginning of avatar codes.
I'll look into how to use MySQL, but I don't think I'll use it because Google's cloud version comes with a monthly fee. For now, I think I'll just see how it goes doing small projects with Google's free services. It should reduce the danger of getting attacked at least.
I should probably do more to prevent bot flooding for poll creation.
Captchas sound good, I'll try to get that set up as well as limiting the rate of polls being created per IP. I think appspot has ways to deal with bots, I'll have to read more about it.
How do you respond to recovery requests if you don't store emails?
And why isn't there a reliable built-in set of methods for escaping in SQL?!?!
(E: I really can't find an answer for this online lol, I just get lots of people talking about SQL code being vulnerable and how frequent SQL attacks are... but nothing about SQL having built in methods for escaping. Apparently textbooks teach with example code that's vulnerable without emphasizing vulnerabilities enough.)
I've looked a little into salts and hashes, so I definitely won't be storing passwords in plain text
I was actually thinking of trying to use OAuth but it all seems too complicated
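
On the SQL escaping and per-IP poll limit points raised in the post above, an added example (not code from anyone in this thread): database drivers take user input as bound parameters, so it never becomes part of the SQL text. The `polls` table, the limit of 3 polls per hour and the sample title and IP are assumptions made for the illustration.

```python
import sqlite3

MAX_POLLS = 3          # assumed limit of polls per IP per window
WINDOW_SECONDS = 3600  # assumed rate-limit window

def open_db():
    # In-memory database with a hypothetical polls table.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE polls (id INTEGER PRIMARY KEY,"
                 " ip TEXT, title TEXT, created REAL)")
    return conn

def create_poll_unsafe(conn, ip, title, now):
    # String formatting: the visitor's title becomes part of the SQL text,
    # so any quote character in it changes the structure of the statement.
    conn.execute("INSERT INTO polls (ip, title, created) "
                 "VALUES ('%s', '%s', %f)" % (ip, title, now))

def create_poll(conn, ip, title, now):
    # Bound parameters: the driver sends values separately from the SQL,
    # so no escaping is needed and the title is stored byte for byte.
    (recent,) = conn.execute(
        "SELECT COUNT(*) FROM polls WHERE ip = ? AND created > ?",
        (ip, now - WINDOW_SECONDS)).fetchone()
    if recent >= MAX_POLLS:
        return False  # this IP already created too many polls in the window
    conn.execute("INSERT INTO polls (ip, title, created) VALUES (?, ?, ?)",
                 (ip, title, now))
    return True

def demo():
    conn = open_db()
    ip = "203.0.113.5"                     # constructed documentation address
    title = "What's your favourite god?"   # constructed title with an apostrophe
    try:
        create_poll_unsafe(conn, ip, title, 1000.0)
        unsafe_ok = True
    except sqlite3.Error:
        unsafe_ok = False  # the apostrophe alone broke the statement
    results = [create_poll(conn, ip, title, 1000.0 + i) for i in range(4)]
    stored = conn.execute("SELECT title FROM polls LIMIT 1").fetchone()[0]
    return unsafe_ok, results, stored

if __name__ == "__main__":
    print(demo())
```

The same `?` placeholder style (or `%s` in some MySQL drivers) applies to every value that comes from a visitor; only fixed SQL text belongs in the query string.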