Safety saves – 3 steps towards a safe web Application

For malicious attackers attempting to compromise your web application, the network is no longer the path of least resistance. A simple configuration error or a little carelessness and sometimes not being aware can give an attacker direct illegal access to your database or sections that require aunthentication. In this post we present you some simple yet strong steps towards making your endeavour more secure. We are sure they will surely tighten your seatbelts or prove or be your helmet. And we beleive that Safety does matter when it involves your hard work.

SQL injection

SQL injection is a code injection technique and is basically due to input data validation flaw. Let us assume that you ask user to input username and password to access certain section of your application. And your query is something like:

SELECT * FROM user_table WHERE user=”.$username.” and pass=”.$password.”;
 
here,
 
$password = $_POST[‘password’];
 
$username = $_POST[‘username];

In this case, all malicious user has to do to gain access to your application is enter in either of the field ( say password ) some string of the type – “ or “1” = “1 – Hence your query now becomes

  SELECT * FROM user_table WHERE user=”some known username” and pass=”“or “1” = “1”;

Since “1” = “1” is always true, therefore he gains access to that particular section with the power of “some known username”.

You can prevent it by following two very simple approaches:

1. Using addslashes() method

   $username = addslashes($_POST["username"]);   
   $password = addslashes($_POST["password"]);

2. Using mysql_real_escape_string() method

$sql_query = sprintf(“SELECT * FROM user_table WHERE user = ‘%s’ AND pass = ‘%s’ ”, mysql_real_escape_string($user), mysql_real_escape_string($password));

.

DoS Attacks

DoS (Denial of Service) attack is an attempt to engage your resource and make it unavailable to its intended users.

Test size limits of user input before using or storing it. There are two ways to limit the file size that can be uploaded. As explained below:

php.ini Settings

1. Adjust the upload_max_filesize setting:
The default value is 2MB. A second restriction affecting the total size of form submissions, is marked by the post_max_size setting in php.ini. Its default value is 8MB. So you can alter it as you want.

2. HTML Form setting:
But changing php.ini setting in shared web Servers becomes an issue. In that case, include a hidden input field in your form with the name MAX_FILE_SIZE, and the maximum file size you want to accept with this form as its value. But, this value can’t exceed the upload_max_filesize setting in your php.ini. Anyway you can accept different maximum sizes on different pages and avoiding unnecessary engagement of your server.

.htacess Settings
If you find in your log file that some particular IP address (say xxx.xxx.xxx.xxx) is making enormous requests to your application and keeping it engaged. This can be an automated program or a bot or some guy with ill intentions. You can simply deny the requests from that particular IP Address by adding below code to your .htacess file

      Deny from xxx.xxx.xxx.xxx

Put size safeguards on database queries. For example, before you display query results in an PHP Web page, be sure that there are not an unreasonable number of records.

.

Sessions

Sessions are the methods by which we can “maintain state” from one page to the next and identify specific users across multiple page requests. Below are some practices that you might find of some help. It might not be very close to give bullet-proof security. However, they can be some simple extra steps that can be taken to help keep hackers out

A session assigns a unique identifier to a user. To make it difficult for someone to guess, or for a program to find quickly, to help avoid hacking, a session identifier should be at least 32 random alpha-numeric characters or longer.
In order to protect your session from hacker, you need to find as many unique aspects of the user’s computer as you can find, and verify that they stay the same across all page requests.

I would advise to store IP Address and User Agent (UA). It is possible that a hacker could be spoof IP or using same UA, but it is more unlikely.

Store the last access time in the session variable. And in case it is inactive for more than 20 minutes (say), end the session.

An illustration:

<?php
      session_start();
 
      function endSession($message)
 
      {
 
            session_unset();
 
            session_destroy();
 
            echo $message;
 
            exit;
 
      } 
 
      if(isset($_SESSION['user']))
 
      {
 
            if($_SESSION['ip_address'] != $_SERVER['REMOTE_ADDR'])
 
            {
 
                  endSession("Invalid IP Address");
 
            }
 
            elseif($_SESSION['user_agent'] != $_SERVER['HTTP_USER_AGENT'])
 
            {
 
                  endSession("Invalid User-Agent");// verify user-agent is same
 
            }
 
            elseif((time()-1200) > $_SESSION['last_access'])
 
            {
 
                  endSession("Session Timed Out");// verify access within 20 min
 
            }
 
            else
 
            {
 
                  echo "Welcome user";
 
            }
 
      }
 
      else
 
      {
 
            $_SESSION['user'] = "Steve";
 
            $_SESSION['ip_address'] = $_SERVER['REMOTE_ADDR'];
 
            $_SESSION['user_agent'] = $_SERVER['HTTP_USER_AGENT'];
 
            $_SESSION['last_access'] = time();
 
            echo("Session created, refresh page");
 
      }
 
      ?>

That’s all!
We will get back to you soon with some handful safety features.
Cheers!!

Recently Published

»

5 Things to Consider When Designing A Logo For Your Startup

Designing a Logo is essential because it communicates your business. ...

»

What Is Access Control?

Access Control, When running a business, there are dozens of things ...

»

Process Management Solution For a Business

In order to be successful, a company needs to be on the same page and ...

»

5 Metrics You Should Track on Every Blog Post

As a blogger, you may have developed your blog with a variety of blog ...

»

3 of the Most Dynamic LMS Plugins for WordPress

The possibilities are limitless when you want to put a course online ...

»

Do You Really Need Access to Advanced Scripting Capabilities?

One of the features you’ll find most commonly advertised when ...

»

Obvious UX Trends that will Rule 2018

For web design industry, we see new UX trends in the way we build ...

»

Java Programming Language And Its Application

Programming language is one of the main IT developments of the past ...

»

Why Can’t I Add or Install Plugins in WordPress

WordPress is a great choice when it comes to Content Management ...