1
I’d like to ask a few questions. My site is protected against SQL Injection attacks because I am using Mysqli with bind in addition to external scripts against this problem protection. And the HTTPS certificate is activated and functional. Now the question arises: is it possible for my site to be attacked in another way? I ran a program to check for loopholes called OWASP Zed Attack and it returned me some faults alerts as XSS Header Protection and some of the things that were more about Internet Explorer. So the question is, is there any way that my site could suffer some kind of attack or be subject to failure? If so, could you send me files or content to study? I would be very grateful.
Thank you for your time and sorry about anything. Good evening.
No system is 100% flawed or attacked. I recommend these sites: https://www.owasp.org/index.php/Main_Page and https://security.stackexchange.com/
– Valdeir Psr
You cannot leave out input validation, if you are waiting for a numerical input then what happens if you send string? If you are waiting for a 60-char string, what happens if you send one with 21442412 chars? etc. O @Valdeirpsr, left good refs and you can start there
– Miguel
Hello. Validation of inputs has already been well worked out. Thanks for the comments
– Strepk