Increase in SQL injection attacks
Since a week or so, I notice a huge increase in SQL injection attacks on various websites. Anyone else seeing the same SQL injection attacks lately? This increased SQL injection activity - on various web sites and databases - has the following characteristics:
MySQL sleep() attacks
MySQL sleep()
command injection attacks: how not validating your PHP user input can lead to Denial of Service (DoS) attacks against websites and back-end database servers. Simply by putting "AND sleep(3)
" in the address bar... Here is how to put a MySQL server to sleep, happy SQL injection!
7 Snippets to use .htaccess as a Web Application Firewall
Here are 7 .htaccess snippets for you to secure your website, by using .htaccess as a kind of Web Application Firewall (WAF). You can use this information to block exploits and rogue HTTP requests on your website.