Guideline of Web Application Security Preventive Measures
Release Date: 9 Jul 2013
Web application developers should take the preventive measures below to protect their web applications.
10 Security Preventive Measures
- Follow the HKCERT website for the latest updates
- Ensure users use strong passwords and provide two-factor authentication
- Use a web application firewall
- Restrict access and protect the web admin login page
- Change all default application passwords and remove all unused third-party application libraries
- Validate user-supplied inputs in the web applications
- Separate the web servers and database servers
- Implement SSL / TLS in the web applications
- Perform static code scanning during development and perform penetration testing and vulnerability scanning regularly
- Continuously monitor application traffic and analyse logs
For more information: /my_url/en/guideline/18061501