|
|
|
|
|
|
by theamk
2397 days ago
|
|
|
Well, there are more and less vulnerable things. For example, making sure that software cannot modify itself will ensure that even if server is vulnerable, it won’t get permanently compromised. Having a server that does not execute any file with right extension makes sure that sanitization errors do not lead to code execution. Having admin system be separate from main site makes sure XSS cannot cause compromises. |
|
|