I'm interested in security mechanisms, and how we can implement protection against some major attacks.
1. DDos
2. SQL injection
3. HTML injections
4. Javascript injection
I'm not a security expert, but we need to know about that.
Is there documentation or a hidden forum about this where we can read or comment?
Hello everyone,
There is a new security challenge here !
the plan:
There are standart technics to slow down attacker:
1 - after some trys to login (brute force attack) - log IP in BlockIPLIst. Block IP of attacker
2 - using reCaptcha - prevents bot's (some reCaptcha is useless !)
3 - using strong passwords (more then 10 symbols) - slow down GPU calculations
4 - using hash of passwords - slow down GPU calculations
5 - disable user account - attacker m