How to make your website Secure

    Posted by ziPlet (Active Member, joined May 2007)

    This tutorial was made by Allen-X; it is a sample of how weak security can be.

    SQL injection is a common method now, so how do you prevent it? Quite simple: you can use mysql_real_escape_string on all your forms to prevent it. Here is a quick example:

    <?php

    // Connection (note: the mysql_* extension was removed in PHP 7;
    // current PHP uses PDO or MySQLi instead)
    $link = mysql_connect('mysql_host', 'mysql_user', 'mysql_password')
        OR die(mysql_error());

    // Each value is escaped and then placed inside a quoted string
    // literal of the query via the %s placeholders
    $query = sprintf("SELECT * FROM users WHERE user='%s' AND password='%s'",
        mysql_real_escape_string($user, $link),      // Escapes special characters
        mysql_real_escape_string($password, $link)); // Escapes special characters

    ?>
    Well, what we do is use mysql_real_escape_string. Why would I recommend this? Well, it escapes special characters, and special characters are injected in SQL injection attacks.

    I would also recommend using addslashes as prevention. Here is an example of addslashes:

    <?php
    $que = "Don't you dare";
    echo addslashes($que);
    ?>
    The output would be:

    Don/t you dare

    So either one would be fine.

    Now let's say you want to protect your database from exposure. Here is a sample code I wrote:

    <?php

    // Hashes the submitted password with SHA1 and then crypt(), reusing the
    // salt from the stored hash ($crypted_pass) so the two values are comparable
    $try_password = crypt(sha1($password), $crypted_pass);
    if ($crypted_pass == $try_password) { // If $crypted_pass equals $try_password then it's correct
        echo "Correct";
    }
    else { // Otherwise
        header('Location: /login.php');
        exit;
    }
    ?>
    What that does is encrypt our password in the database as SHA1.
    If the password is inserted correctly, you get "Correct"; if it isn't, we use an else statement to redirect our user back to our login page.

    You can modify it, such as adding something like:

    // Inside the "Correct" branch: append the visitor's IP to a log file
    $ip = getenv("REMOTE_ADDR");
    $log = "\n$ip";
    $fo = fopen("login", "a"); // Opens the "login" file for appending
    $loginlog = $log;
    fwrite($fo, $loginlog);    // Writes the IP entry
    fclose($fo);
    // else
    //     $terminate
    What that does is fopen, fwrite, etc. to our files to keep IP logs. Investigate the script so you get a better understanding.

    It's also recommended you chmod the file to 777.

    Another thing that may be important is to use session_cache_expire() and session_start(); this can be used to switch session IDs. Why may this be important? Mainly because someone can cookie-spoof and get into your account using your session ID; well, having it expire is just a solution.

    Here is something I wrote out:

    <?php

    // Sets the cache limiter to "private" (the post's 'priv' is not a
    // recognised value; valid ones are nocache, private, private_no_expire, public)
    session_cache_limiter('private');
    $cache_limiter = session_cache_limiter();

    // Session cache expires in 20 minutes (the argument is in minutes, not
    // seconds), then sleeps for 11 secs and then creates the session
    session_cache_expire(20);
    $cache_expire = session_cache_expire();
    sleep(11);
    session_start();

    // Redirects to whatever you want
    header('Location: /index.php');

    // Basically an exit() command
    die();

    ?>
    First, you need to switch the selections in the header() statement; /index.php may be the functionality you use, but if it isn't, switch it to what it is. After it redirects to your index, a new session is created.
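Added here as an editorial example, not code from the post or from Allen-X: the same login flow written with PDO prepared statements, password_hash()/password_verify() and session_regenerate_id(), which address the three concerns above (injection, password storage, reuse of a session ID). The `users` table with `user` and `password_hash` columns and the DSN/credentials are assumed placeholders.

```php
<?php
// Added editorial example, not code from the post. Assumes a `users` table
// with columns `user` and `password_hash`; DSN and credentials are placeholders.
declare(strict_types=1);

function connect(): PDO {
    return new PDO('mysql:host=mysql_host;dbname=app;charset=utf8mb4',
                   'mysql_user', 'mysql_password', [
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false, // real server-side prepares
    ]);
}

// Registration: store a salted, slow hash instead of crypt(sha1($password)).
function register(PDO $pdo, string $user, string $password): void {
    $hash = password_hash($password, PASSWORD_DEFAULT);
    $stmt = $pdo->prepare('INSERT INTO users (user, password_hash) VALUES (?, ?)');
    $stmt->execute([$user, $hash]);
}

// Login: the user name travels as a bound parameter, so quotes or comment
// sequences in it cannot change the query. The password never enters the
// SQL at all; it is checked against the stored hash in PHP.
function login(PDO $pdo, string $user, string $password): bool {
    $stmt = $pdo->prepare('SELECT password_hash FROM users WHERE user = ? LIMIT 1');
    $stmt->execute([$user]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false || !password_verify($password, $row['password_hash'])) {
        return false;
    }
    // Fresh session ID on successful login, so an ID obtained before
    // authentication (the cookie-spoofing case above) is not carried over.
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    session_regenerate_id(true);
    $_SESSION['user'] = $user;
    return true;
}

$pdo = connect();
if (login($pdo, $_POST['user'] ?? '', $_POST['password'] ?? '')) {
    echo "Correct";
} else {
    header('Location: /login.php');
    exit;
}
```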
