Security measures for site search
Years ago I programmed a magazine-style site in ColdFusion. It had a site search function to full-text search (using SQL Server) the articles and blog posts. It work开发者_如何学JAVAed fine, but then we were hit with a SQL injection attack (my fault). The site owner decided to take down the search, and only recently asked me to make it live again.
I know I needed to use CFQUERYPARAM to stop the SQL injections, and I've fixed that aspect of the code. My question is, what other things should I do to make the site search reasonably secure? I'm not talking about heroic measures, just the basic stuff that I shouldn't forget. Thanks.
- cfqueryparam
- error handling around individual query
- error handling for site via
<cferror>
- logic that limits the number of request that come from a specific IP in a given time
- ensure the database user account only has access to the specific actions it should
- logic that makes sure search request is coming from your site and not 3rd party
- limit number of search results (use pagination)
- limit search input length (max of 30?)
Only use stored procedures for altering the data. Limit the database user account to only be able to use views (on which you can have read only permissions.) Set the datasource to only allow select and execute(procs) Always use cfqueryparam Place queries inside cfc's and always use correct argument types. Use an input sanitiser to check strings for injection.
And of course #1 backup your DB or a regular basis!
Besides using params, you can check the input for strange text (html code, ' tags ect...) limit it in length (it is reasonable that search will not exceed certain amount of chars)
search the web for text sanitizing
You can start avoiding sql injections using CFQUERYPARAM.
Another thing you should be carefull about consist in avoiding deny of services atack. I once saw an atack which was based on sending stupid queries to a site, something like "all texts which contains the a letter" and this kind of stuff.
Limiting the number of results per page consist in a good alternative to avoid this kind of problem.
What I can think about is also check all links(accessible cffunctions, fuseactions, etc.) accessible by the search result are either secure to be public or being protected to necessary level, like:
You can also add a captcha, to the search, to make sure it is human driven. Then you won't wear out your server or db, trying to find answers to automated queries.
精彩评论