Keeping your users secure
Making your Ibexa application bulletproof

Hello, I'm Lucas
- I've been at Platform.sh for almost 7 years!
- I used to do technical pre-sales, but was ops before that
- My secret love is finding weird workarounds that are technically correct (the best kind of correct)
- He/Him/His
- Senior manager, OMS team

Table of contents
- Framework(s)
- Your code and customizations
- Infrastructure
- Security and you

Framework(s)

Updates, updates, ...
Update all the things!
- In your OS package manager
- What's your PHP version?
- Composer
- Node?

Some tools are there to help you
- Topgrade (always test before) can upgrade everything
- Snyk, Aikido can scan your dependencies
- composer outdated fits right in your workflow

Protect endpoints
- Don't hide, strengthen ("My /admin is /admin7")
- Protect from path traversal
- Rate limit endpoints
- Consider a WAF

Caching: too much?
- Too little is bad
- But too much is worse
- Ibexa's VCL can take care of the heavy lifting
- Vidar has a talk about it right after mine

Your code and customizations

Tokens
- You're not using defaults, right? ThisTokenIsNotSoSecretChangeIt
- Where should you store them?

Test your code
- Many tools can help
- Static analysis tools
- Automated scanners
- Pentests, bug bounties
- Blackfire rocks

Encourage disclosure
- Responsible hackers
- /security.txt
- Rewards?

Escaping content
- Never trust user input: "); DROP TABLE students;-"
- CORS likes you, actually
- XSS
- User uploads
- Symfony Validator and escaper

Infrastructure

Firewalling
- Minimum exposure policy
- Strong passwords everywhere else
- Encryption for everything internet-facing
- Automated blocking (bad IPs, fail2ban)
- The internet of (bad) things

Use HTTPS
- Not any HTTPS though
- Consider HSTS
- TLS 1.3
- Key strength
- Test your certificates with SSL Labs or testssl.sh locally

Scripts
- Your app is a script
- Your pictures aren't!
- Check for separation
- Protect uploads
- Strive for read-only where you can

Backups
- Take
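The "Protect endpoints" slide names two controls, path-traversal protection and rate limiting, without showing either. The following is an added example, not code from the talk or from Ibexa: a Symfony download endpoint that canonicalises the requested path before checking it against a base directory, and that meters requests per client IP with the Symfony RateLimiter component. It assumes `symfony/rate-limiter` and `symfony/http-foundation` are installed; the directory `/var/app/downloads`, the limit of 30 per minute and the function names are hypothetical values chosen for illustration.

```php
<?php
// Added example (not from the talk or from Ibexa): a download endpoint that
// (1) refuses path-traversal attempts and (2) rate-limits callers.
// Assumes symfony/rate-limiter is installed; the directory and the limits
// are hypothetical values chosen for illustration.
declare(strict_types=1);

require __DIR__ . '/vendor/autoload.php';

use Symfony\Component\HttpFoundation\BinaryFileResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\RateLimiter\RateLimiterFactory;
use Symfony\Component\RateLimiter\Storage\InMemoryStorage;

/**
 * Resolve a user-supplied relative path against $baseDir and return the
 * canonical absolute path, or null if it escapes the base directory or does
 * not exist. realpath() collapses "..", symlinks and duplicate separators, so
 * the containment check runs on the canonical form, never on the raw input.
 */
function resolveWithinBase(string $baseDir, string $requested): ?string
{
    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }
    // Reject NUL bytes up front: realpath() throws a ValueError on them.
    if (str_contains($requested, "\0")) {
        return null;
    }
    $candidate = realpath($base . DIRECTORY_SEPARATOR . $requested);
    if ($candidate === false || !is_file($candidate)) {
        return null;
    }
    // The prefix includes the trailing separator so that "/srv/files" does
    // not accept "/srv/files-private/secret.txt".
    return str_starts_with($candidate, $base . DIRECTORY_SEPARATOR) ? $candidate : null;
}

// Sliding window: 30 downloads per minute per client IP (hypothetical values).
// InMemoryStorage is per-process; in production use a shared storage such as
// CacheStorage backed by Redis so every worker counts against the same bucket.
$limiterFactory = new RateLimiterFactory([
    'id' => 'download',
    'policy' => 'sliding_window',
    'limit' => 30,
    'interval' => '1 minute',
], new InMemoryStorage());

function handleDownload(Request $request, RateLimiterFactory $factory, string $baseDir): Response
{
    $limit = $factory->create($request->getClientIp() ?? 'unknown')->consume(1);
    if (!$limit->isAccepted()) {
        $response = new Response('Too Many Requests', Response::HTTP_TOO_MANY_REQUESTS);
        $retryAfterSeconds = max(0, $limit->getRetryAfter()->getTimestamp() - time());
        $response->headers->set('Retry-After', (string) $retryAfterSeconds);
        return $response;
    }

    $path = resolveWithinBase($baseDir, (string) $request->query->get('file', ''));
    if ($path === null) {
        // Same answer for "outside the base" and "does not exist", so the
        // response does not reveal which one it was.
        return new Response('Not Found', Response::HTTP_NOT_FOUND);
    }

    $response = new BinaryFileResponse($path);
    $response->setContentDisposition('attachment');
    return $response;
}

// Demo with a constructed request: a traversal attempt never reaches
// BinaryFileResponse because resolveWithinBase() returns null for it.
$request = Request::create('/download', 'GET', ['file' => '../../etc/passwd']);
$response = handleDownload($request, $limiterFactory, '/var/app/downloads');
echo $response->getStatusCode(), PHP_EOL;
```

The order matters: the rate limiter runs before any filesystem work, so a flood of traversal probes is throttled before it costs you disk access. Behind Varnish or another reverse proxy, `getClientIp()` only returns the real client address once the proxy is listed in Symfony's `trusted_proxies` setting; otherwise every request shares the proxy's IP and one bucket.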
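The "Escaping content" slide lists SQL injection, XSS and user uploads, and the "Scripts" slide adds that uploads must be kept apart from executable code. The following is an added example, not code from the talk or from Ibexa, that shows the unsafe pattern next to the safe one for each. It assumes PDO with SQLite (so the SQL part runs offline), `htmlspecialchars()` as a stand-in for Twig's automatic escaping, and `symfony/validator` plus `symfony/http-foundation` for the upload part; the function names, the input strings and the storage directory are constructed for illustration.

```php
<?php
// Added example (not from the talk or from Ibexa): the "never trust user
// input" cases from the slide, unsafe pattern beside safe pattern. Assumes
// PDO with SQLite, symfony/validator and symfony/http-foundation; all inputs
// and paths below are constructed for illustration.
declare(strict_types=1);

require __DIR__ . '/vendor/autoload.php';

use Symfony\Component\HttpFoundation\File\UploadedFile;
use Symfony\Component\Validator\Constraints as Assert;
use Symfony\Component\Validator\Validation;

// --- 1. SQL: bind parameters, never concatenate -----------------------------
$pdo = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$pdo->exec('CREATE TABLE students (name TEXT)');
$pdo->exec("INSERT INTO students (name) VALUES ('Alice'), ('Bob')");

$name = "Robert'); DROP TABLE students;--"; // constructed input, the Bobby Tables case the slide alludes to

// UNSAFE: the input becomes part of the SQL text (shown, deliberately not executed).
$unsafeSql = "SELECT name FROM students WHERE name = '$name'";

// SAFE: the value travels separately from the statement, so it is only ever data.
function findStudent(PDO $pdo, string $name): array
{
    $stmt = $pdo->prepare('SELECT name FROM students WHERE name = :name');
    $stmt->execute(['name' => $name]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}
// The whole string is compared as a literal name; nothing in it is executed.
findStudent($pdo, $name);

// --- 2. XSS: escape on output, for the context you are writing into ---------
function h(string $value): string
{
    // ENT_QUOTES also covers attribute values; ENT_SUBSTITUTE avoids returning
    // an empty string on invalid UTF-8, which would silently drop content.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}
$comment = '<img src=x onerror=alert(1)>'; // constructed input
// Twig does this automatically for {{ }} output; the |raw filter switches it off.
$html = '<p>' . h($comment) . '</p>';

// --- 3. Uploads: validate by content, store outside the web root ------------
function validateImageUpload(UploadedFile $file): array
{
    $validator = Validation::createValidator();
    $violations = $validator->validate($file, [
        new Assert\File(
            maxSize: '2M',
            // Checked against the MIME type detected from the bytes, not the
            // Content-Type the client claimed.
            mimeTypes: ['image/jpeg', 'image/png', 'image/webp'],
            mimeTypesMessage: 'Only JPEG, PNG and WebP images are accepted.',
        ),
    ]);
    $errors = [];
    foreach ($violations as $violation) {
        $errors[] = (string) $violation->getMessage();
    }
    return $errors; // empty array means the upload passed
}

function storeUpload(UploadedFile $file, string $storageDir): string
{
    // Random name plus a server-derived extension: the client's filename is
    // never used, so neither "shell.php" nor traversal sequences reach the disk.
    $extension = $file->guessExtension() ?? 'bin';
    $newName = bin2hex(random_bytes(16)) . '.' . $extension;
    // $storageDir (e.g. a hypothetical /var/app/uploads) must sit outside the
    // document root and must not be executable by the web server.
    $file->move($storageDir, $newName);
    return $newName;
}
```

Two details are easy to get wrong. Escaping must happen at output time and per context: the same string needs HTML escaping in a template, parameter binding in SQL and JSON encoding in a script block, and escaping it once on input does not make it safe for all three. For uploads, serve stored files through a controller or a separate static host rather than from the application's document root, so that a file that slips past validation is still never interpreted as code.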
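The "Use HTTPS" slide says to consider HSTS but not where to set it. Varnish or the web server is the usual place; when it has to live in the application, the following is an added example, not code from the talk or from Ibexa: a Symfony event subscriber that adds the `Strict-Transport-Security` header to every HTTPS main response. It assumes a standard Symfony application with autowired subscribers; the class name, the one-year `max-age` and the `includeSubDomains` directive are hypothetical choices to adjust for your own domains.

```php
<?php
// Added example (not from the talk or from Ibexa): a Symfony event subscriber
// that adds HSTS to every HTTPS response. The max-age and includeSubDomains
// values are hypothetical; start with a short max-age and grow it once every
// subdomain serves valid TLS, because browsers cache the policy for the full
// duration and will refuse plain HTTP to those hosts meanwhile.
declare(strict_types=1);

namespace App\EventSubscriber;

use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpKernel\Event\ResponseEvent;
use Symfony\Component\HttpKernel\KernelEvents;

final class StrictTransportSecuritySubscriber implements EventSubscriberInterface
{
    // One year, in seconds (hypothetical starting point, see note above).
    public function __construct(private readonly int $maxAge = 31536000)
    {
    }

    public static function getSubscribedEvents(): array
    {
        return [KernelEvents::RESPONSE => 'onKernelResponse'];
    }

    public function onKernelResponse(ResponseEvent $event): void
    {
        // Only the main request, and only over HTTPS: browsers ignore HSTS
        // received over plain HTTP. Behind a TLS-terminating proxy, isSecure()
        // only sees TLS once the proxy is listed in framework.trusted_proxies.
        if (!$event->isMainRequest() || !$event->getRequest()->isSecure()) {
            return;
        }

        $event->getResponse()->headers->set(
            'Strict-Transport-Security',
            sprintf('max-age=%d; includeSubDomains', $this->maxAge)
        );
    }
}
```

After deploying, confirm the header from outside with SSL Labs or testssl.sh, as the slide suggests, and check that an `http://` request to the site redirects to `https://` before the header is ever sent; HSTS protects returning visitors, the redirect is what protects the first visit.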