Thanks a lot
On Wed, 24 Nov 2004 07:58:37 +0200, Quinton Delpeche <[EMAIL PROTECTED]> wrote: > On Wednesday 24 November 2004 07:49, Richard wrote: > > Hi Quinton, > > Can't really check, but the following guidelines are good: > > -> Make sure your tomcat user does not have admin privileges on the server. > (Not sure how to do this on Windows, I am a linux person). > > -> Make sure your web-application doesn't have any funny code that might get > exploited by a proficient hacker (i.e. shell commands run as ROOT). > > -> Add a blank index.html to each directory of your web-app, this prevents > users from getting directory listings on your server. > > -> Ensure that you don't give away too much information in your URL (using ? > and & parameters). This can easily be prevented by implementing SSL and > ensuring that the users have to log on first. > > > How can you tell when your web-app is secure? > > Forgive me for asking too many questions, im just a newbie. > > No problem. I understand. :) > > > Thanks > > > Q > -- > Quinton Delpeche > Internal Systems Developer > Softline VIP > > Telephone: +27 12 420 7000 > Direct: +27 12 420 7007 > Facsimile: +27 12 420 7344 > > http://www.vippayroll.co.za/ > > For some reason, this fortune reminds everyone of Marvin Zelkowitz. > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
