Knowledgebase
My site is redirected / There are iframes in my site?
Posted by Dan Moses on 16 July 2007 05:56 PM
|
|
Many third party scripts that are available online are not secure. Just like Windows, new vulnerabilities are being searched out every day by hackers. A common attack these days is SQL injection or Cross Site Scripting attacks (XSS). Cross Site Scripting allows an attacker to embed malicious JavaScript, VBScript, ActiveX, HTML, or Flash into a vulnerable dynamic page to compromise private information, manipulate or steal cookies, create requests that can be mistaken for those of a valid user, or execute malicious code on the end-user systems. The data is usually formatted as a hyperlink containing malicious content and which is distributed over any possible means on the internet. Use the following program to see if your site is having insecure code. http://www.explabs.com/ Integrity Host support can usually remove the injection from your site, but to prevent it, either the vulnerable script will need to be replaced/repaired, or you can have a programmer add the logic of the 4 steps presented below into every page on your site to prevent most XSS attacks from working. Click here to read the XSS prevention steps. | |
|
Comments (0)