This tutorial helped me a lot, keeping em' clean & a little bit more secure ;)
But always keep in mind, there are different attack vectors than "just" SQLi & the MySQLd.
Topics:
Disable or restrict remote access
Disable the use of LOCAL INFILE
Change root username and password
Remove the "test" database
Remove Anonymous and obsolete accounts
Lower system privileges
Lower database privileges
Enable Logging
Remove History
Patch your systems
Tutorials@SSTeam
With another 'paper', regarding industry-style solutions(esp. credit card, bank details storage)
Tutorial@GreenSQL
No comments:
Post a Comment