SQL注入攻击防范中服务器端安全配置

The Server-side Security Configuration on Prevention SQL Injection Attacks

为使Web服务器和数据库服务器具有更好的扩展功能,实现公共信息交换的目的就不可避免地暴露一些可以被攻击者非法利用的安全缺陷。如何让系统管理者采取有效的防范措施阻止内部信息的泄露,将整个系统的威胁降至最低是目前服务器防守的关键。针对SQL注入攻击防范中的服务器端安全配置问题进行了分析。

In order to enable the Web server and database server extensions to better achieve the purpose of public information exchange exposure on the inevitable attacks that could have been illegally using the security flaw. How to make the system administrator to take effective a preventive measure to prevent the leakage of internal information, the threat of the whole system to a minimum is the key defensive server. In this paper, to guard against SQL injection attacks on the server-side security configuration is analyzed to explain the phrase.