Welcome Guest, Not a member yet? Register   Sign In
Prevent attack to api
#1

Hello guys
I have api that i created it with resful
I use api key for access to this api
But if hacker can use this api,so hacker can send many data and register in my database with pseudo data
How prevent it?
Reply
#2

you can set expired times to your token and disabled caching might give you little help

---
but the real question is , how he can took your token?

#he got my token from sql injection

so that's not your token problem, but your apps problem

#noo, he got my token from sniffing

so, you need ssl /https


https://www.smashingmagazine.com/2017/04...p-headers/
Reply
#3

(12-20-2017, 12:54 PM)plonknimbuzz Wrote: you can set expired times to your token and disabled caching might give you little help

---
but the real question is , how he can took your token?

#he got my token from sql injection

so that's not your token problem, but your apps problem

#noo, he got my token from sniffing

so, you need ssl /https


https://www.smashingmagazine.com/2017/04...p-headers/

This url https://www.smashingmagazine.com/2017/04...p-headers/ is helpful
Thanks
Reply




Theme © iAndrew 2016 - Forum software by © MyBB