: Can a web-server be reached in other ways than through `HTTP` or externally? A server hosting an application built in PHP: Can the server be reached in other ways than through HTTP or externally?
A server hosting an application built in PHP:
Can the server be reached in other ways than through HTTP or externally?
Is GET and POST only populated through the HTTP protocol?
Is HTTP headers, GET and POST the only source of input for a server/web application?
Is connecting to a website with telnet any different than with a browser?
What other access points exist? Do they pose a security threat? Common ways to counter them?
More posts by @Turnbaugh106
1 Comments
Sorted by latest first Latest Oldest Best
Can the server be reached in other ways than through HTTP or externally?
Well... the server itself can be accessed by different means. Depending on what services are running on the machine (as well as what ports are open).
Is GET and POST only populated through the HTTP protocol?
Yes
Is HTTP headers, GET and POST the only source of input for a server/web application?
No PUT and DELETE are also http methods.
Is connecting to a website with telnet any different than with a browser?
Basically not. Because it will also use the HTTP protocol. Unless you connect to the machine using another service (see first point)
What other access points exist? Do they pose a security threat?
Lots :-)
Physical access to the machine
Other services which are running on the machine (it's best practice to stop unused services).
SQL Injection
File inclusion
Password leaks
Through employees
DNS poisoning
many many more
Common ways to counter them?
Make sure your application is secure (don't give httpd unneeded privileges, always sanitize user input, etc). Harden your server security. Make sure you keep everything up-to-date. Regularly check your logs. Common sense. etc.
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.