Chapter 7

Fixes

Chapter Rundown:

■ Hardening your web server to stop the riff-raff

■ How to prevent all flavors of injection attacks

■ Securing the authentication process

■ Serious cheat sheets for XSS and CSRF prevention

■ Preventing SET-based attacks: user education is your only chance

Introduction

While exploits and payloads garner the most attention from the hacking community, very few of you will get to play the role of the hacker without having to also consider how to fix the vulnerabilities.

Most professions that involve ethical hacking also require specifying and implementing mitigation strategies to help prevent the attacks in the future. Just as our approach targets the web server, the web application, and the web user, it also includes the ...
