Top tips for secure web applications

I am looking for easy steps that are simple and effective in making a web application more secure.

What are your top tips for secure web applications, and what kind of attack will they stop?


Microsoft Technet has an excellent article:

Ten Tips for Designing, Building, and Deploying More Secure Web Applications

Here are the topics for the tips answered in that article:

  1. Never Directly Trust User Input
  2. Services Should Have Neither System nor Administrator Access
  3. Follow SQL Server Best Practices
  4. Protect the Assets
  5. Include Auditing, Logging, and Reporting Features
  6. Analyze the Source Code
  7. Deploy Components Using Defense in Depth
  8. Turn Off In-Depth Error Messages for End Users
  9. Know the 10 Laws of Security Administration
  10. Have a Security Incident Response Plan
