Things to take into account when making a website?
What security considerations should I/do I have to take into account if I decide to make a professional website(HTML,CSS,JavaScr开发者_如何转开发ipt,PHP,etc.). For example, when having a database, one should think about hackers who want to hack the website by SQL-injection. But there are many other examples. What I would like to know is a list of things(security) a webmaster must consider/take into account. Also maybe some things that are recommended, but not a must. A short explanation about each topic is much appreciated, but you don't have to. Thanks in advance.
btw. I'm not sure about the tags. Please add/modify if you know better.
The best resource for securing web applications is the OWASP Top 10: https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project
I suggest you read through each of these top 10 security risks and ensure you understand three things:
- What the risk is
- How it is exploited
- How to protect against it in you language of choice
精彩评论