[thelist] robots.txt
Paul Bennett
paul at teltest.com
Mon Nov 17 21:22:49 CST 2003
Jeff Howden wrote:
>bots don't do anything different than a browser. they issue a get request
>to specific address.
>
>if it were somehow possible to view the server-side logic of a cgi script,
>asp page, coldfusion template, etc, we'd all have much bigger problems than
>spam.
>
>.jeff
>
>
>
like terrifying, recurring nightmares......
<tip type="Application development security">
Ensure that you have some kind of error reporting built into your
applications, not only for development, but also for testing and
security reporting.
Log failed queries, incoming data that is malformed, failed login
attempts and anything else that you think would be of note if you had to
come back in a few months and debug any unusual / suspicious activity.
Also be sure to have some kind of event log so you can track who has
performed what actions (like changing content).
Better safe than sorry
</tip>
--
------------------------------
Paul Bennett
Internet Developer
Teltest Electronic Design
------------------------------
Email: paul at teltest.com
Phone: 64 4 237 4557
Web: http://www.teltest.com
Wap: http://wap.teltest.com
More information about the thelist
mailing list