Web Security - MVC

So you always hear a bunch of stories about web sites getting popular, and then getting hacked. Basically, I am releasing (as the sole programmer) a website in a few weeks. It's made with MVC2 and it's going to run on the Azure开发者_如何学Go Cloud.

I just would like to know which types of things are "hackable" so to speak. What types of things can I look out for NOW, so I won't be receiving an e-mail in a month saying, "pay me $1,000 or we will take your site down - Anonymous). Yes, that's common.

Mainly because, I doubt I would even be able to fix what was hacked. I'm a good enough programmer to create a site and get it working, but not experienced enough to deal with these sorts of things.

Thanks!

I would suggest going through the OWASP Top 10, which is a very good starting point to understand different kind of threats for web security.

Have you watched the The HaaHa Show: Microsoft ASP.NET MVC Security with Haack and Hanselman? They go through in depth what you should be thinking about and how somebody might atempt to hack your site and what you can do to protect your users.

It's a very entertaining session geard at ASP.NET MVC security specifically.