How to secure database passwords in PHP ?
When a PHP application makes a database connection it of course generally needs to pass a login and password. If I’m using a single, minimum-permission login for my application, then…
Month: January 2022
15 posts
Are HTTP cookies port specific ?
I have two HTTP services running on one machine. I just want to know if they share their cookies or whether the browser distinguishes between the two server sockets. Solution…
How to create .pfx file from certificate and private key ?
I need .pfx file to install https on website on IIS. I have two separate files: certificate (.cer or pem) and private key (.crt) but IIS accepts only .pfx files.…
Are HTTPS headers encrypted ?
When sending data over HTTPS, I know the content is encrypted, however I hear mixed answers about whether the headers are encrypted, or how much of the header is encrypted.…
How to prevent SQL injection in PHP ?
If user input is inserted without modification into an SQL query, then the application becomes vulnerable to SQL injection, like in the following example: $unsafe_variable = $_POST[‘user_input’]; mysql_query(“INSERT INTO `table` (`column`)…
What is a VPN ? What is its use in Cyber Security ?
VPN is an acronym that stands for Virtual Private Network. It creates a safe encrypted tunnel across the internet by connecting a VPN server to a VPN client. Suppose a…
What is the main purpose of Hashing ?
Hashing is required when we have to compare a huge amount of data. We can create different hash values for different data, and we can compare hashes too. Following is…
What is the difference between virus and worm ?
A virus is a piece of harmful executable code that is attached to another executable file and can modify or erase data. When a virus-infected computer application executes, it takes…
What is a Brute Force Attack ? How can you prevent it ?
Brute Force is a way of finding out the right credentials by repetitively trying all the permutations and combinations of possible credentials. In most cases, brute force attacks are automated…
What are the steps to set up a firewall ?
Username/password: modify the default password for a firewall device Remote administration: Disable the feature of the remote administration Port forwarding: Configure appropriate port forwarding for certain applications to work properly, such as a…
Differentiate between hashing and encryption
Hashing Encryption It is a method of converting data to a smaller fixed value known as the key, which is then used to represent the original data. It’s…
What are the types of Cyber Security ?
The assets of every company are made up of a variety of various systems. These systems have a strong cybersecurity posture, which necessitates coordinated actions across the board. As a…
Who are Black Hat, White Hat and Grey Hat Hackers ?
Black Hat hackers, sometimes known as crackers, attempt to obtain unauthorized access to a system in order to disrupt its operations or steal critical data. Because of its malicious aim,…
What does XSS stand for ? How can it be prevented ?
XSS stands for Cross-site scripting. It is a web security flaw that allows an attacker to manipulate how users interact with a susceptible application. It allows an attacker to get…
What is Cryptography ?
Cryptography is the study of securing communications from outside observers. Encryption algorithms take the original message, or plaintext, and converts it into ciphertext, which is not understandable. The key allows the user…
