开发者

What information should I log if I detect that my site is under attack?

问答 作者:

In the code below if I get into the if statement I can safely say my site is under attack. What information is it a good idea to log?

Any recommendations on actions that开发者_StackOverflow can be taken to minimize the damage at this point?

protected void btn_Search_Click(object sender, EventArgs e)
{
   if(tb_SearchBox.Text.Length > tb_SearchBox.MaxLength)
   {
      //What should i log?
      //What actions should I take?
   }
   //Otherwise search
}

For the action I would just redirect them to error page.

For the logging I would do as @The Rook mentioned and grab the entire request. I would use some logging software, such as ELMAH. ELMAH captures the entire HTTP Request as well as referrer IP. Logging is good regardless of security concerns

You can log the ip and log how many times he has already attempted to hack you. If it's above a certain threshhold you can block his ip for a certain amount of time

When a Web application firewall like Mod_Security detects an attack it will log the entire HTTP request, along with the remote IP address.

继续阅读:loggingsecurity

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9