The internet has become the fastest and most widely used medium to exchange information and communicate. Web applications have revolutionized business processes and our everyday lives.
What is a web application
A web application is a computer program that runs in web browsers and uses web technology to perform tasks over the Internet. To better understand web attacks, the architecture below will help.
Distributed denial of service (DDoS)
Distributed denial of service is an attack that seeks to stop or slow down an online service by overwhelming the service with requests.
How to protect yourself
- Increasing network security – Use of various techniques to prevent network intrusions, i.e. firewalls, anti-spam, content filtering, and load balancing software. Better network security also comes with complex password policies.
SQL injection
SQL injection is the input of malicious SQL queries via web inputs (forms, URLs).
How to protect yourself from SQL injection
- Input validation – The practice of writing code that can identify illegitimate user inputs, including escaping specific characters in inputs, such as ' and ".
- Parameterized (Prepared) Statements
- Object Relational Mapping – Does not make you immune but goes a long way, e.g. Microsoft Entity Framework and Laravel's Eloquent
Cross-site Scripting (XSS)
This is a malicious attack in which attackers manipulate a website's or web app's client-side code, i.e. HTML and JS, by embedding JS scripts.
How to protect myself
- Input validation and HTML encoding output