摘要
在注重用户体验的Web 2.0时代,网站信息安全问题应该引起人们足够的重视。文章从SQL注入攻击、数据库的拖库和撞库风险、HTTP协议自身的安全缺陷、文件上传漏洞、跨站脚本攻击等多个方面,对网站可能存在的信息安全问题进行了详尽的分析,并针对各种信息安全问题给出了切实可行的防护对策,以期对加强网站信息安全工作起到抛砖引玉的作用。
In such an era of WEB 2.0 that developers focus on user experience,people should pay more and more attention to website information security.This paper makes a detailed analysis of SQL injection attack,account credential enumeration attack,HTTP protocol security defects,file upload attack,XSS attack,etc.Finally,the feasible protective countermeasures are given for all kinds of information security issues,which hopes to strengthen website information security.
作者
陈淑红
Chen Shuhong(Juxian Wenxin Senior High School,Shandong Rizhao 276500)
出处
《网络空间安全》
2020年第7期55-59,共5页
Cyberspace Security