1. Patch your SQL server regularly
2. Limit the use of dynamic queries
3. Escape user input
4. Store database credentials in a separate file
5. Use the principle of least privilege
6. Turn magic quotes off
7. Disable shells
8. Disable any other DB functionality you don’t need
9. Test your code
No comments:
Post a Comment