

How To Secure Your Website [pdf] - matsuu
http://www.ipa.go.jp/security/vuln/documents/website_security_en.pdf

======
kirinan
My favorite resource for this is : <https://www.owasp.org/index.php/Main_Page>

It has the major security flaws, how they secure them, and how the attack is
done. However, I think the best way to secure a website is to keep one thing
in mind when programming: never trust anything from the client. Thats input,
cookies, anything that can be tampered with on the client side (browser in the
case of the web). If you do accept anything without sanitizing or having some
sort of check, then you will be hacked and something will be stolen (whether
or not it is important, that depends on the domain you are working on).

------
matsuu
See also

How To Use SQL Calls to Secure Your Web Site
[http://www.ipa.go.jp/security/vuln/documents/website_securit...](http://www.ipa.go.jp/security/vuln/documents/website_security_sql_en.pdf)

Official Site <http://www.ipa.go.jp/security/english/third.html>

------
barakstout
Thanks!

