attackers try to down my websites. They always try to rename index.php file. sometimes they did that. How it possible.Is there is any way to upload file from input text box using script..?
Asked
Active
Viewed 33 times
-3
-
1there are tons of way to inject any code into any server . which is called site's vulnerability. So you sure that's the way attacker choose – Tejas Pandya Feb 28 '19 at 06:28
-
This question is impossible for us to answer. There are too many ways a server can be breached and we know _nothing_ about your setup. We would need to have access to the server and do some extensive tests, which is _way_ too broad for SO. – M. Eriksson Feb 28 '19 at 06:34
-
how can i prevent code injection – Dwith Feb 28 '19 at 06:36
-
Again, that question is _way_ too broad. There are many ways an attacker can breach your server. It would literally be impossible to go through them all here. – M. Eriksson Feb 28 '19 at 06:39
-
okey..................... – Dwith Feb 28 '19 at 06:41
-
@Dwith read through ALL of [this question](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php). – yqlim Feb 28 '19 at 09:17
1 Answers
0
dont use $_POST["ur_variable"] directly and insert it in database Instead use sanitize function like mysqli_real_escape_string(). u can also checkout this link for prevention from xss attacks. https://www.w3schools.com/php/php_form_validation.asp
anurag pandey
- 13
- 5