Hacker News new | comments | show | ask | jobs | submit login
How To Secure Your Website [pdf] (ipa.go.jp)
50 points by matsuu 1787 days ago | hide | past | web | 3 comments | favorite

My favorite resource for this is : https://www.owasp.org/index.php/Main_Page

It has the major security flaws, how they secure them, and how the attack is done. However, I think the best way to secure a website is to keep one thing in mind when programming: never trust anything from the client. Thats input, cookies, anything that can be tampered with on the client side (browser in the case of the web). If you do accept anything without sanitizing or having some sort of check, then you will be hacked and something will be stolen (whether or not it is important, that depends on the domain you are working on).


Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact