Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Using CodeIgniter General Help Prevent attack to api
Prevent attack to api
  • Offline omid_student
    Omid Aghakhani
  • ****
  • Posts: 381
    Threads: 119
    Joined: May 2015
    Reputation: 0
#1
12-20-2017, 12:39 PM

Hello guys
I have api that i created it with resful
I use api key for access to this api
But if hacker can use this api,so hacker can send many data and register in my database with pseudo data
How prevent it?
Reply
  • Offline plonknimbuzz
    Junior Member
  • **
  • Posts: 16
    Threads: 6
    Joined: Dec 2017
    Reputation: 2
#2
12-20-2017, 12:54 PM

you can set expired times to your token and disabled caching might give you little help

---
but the real question is , how he can took your token?

#he got my token from sql injection

so that's not your token problem, but your apps problem

#noo, he got my token from sniffing

so, you need ssl /https


https://www.smashingmagazine.com/2017/04...p-headers/
Reply
  • Offline omid_student
    Omid Aghakhani
  • ****
  • Posts: 381
    Threads: 119
    Joined: May 2015
    Reputation: 0
#3
12-21-2017, 01:52 PM

(12-20-2017, 12:54 PM)plonknimbuzz Wrote: you can set expired times to your token and disabled caching might give you little help

---
but the real question is , how he can took your token?

#he got my token from sql injection

so that's not your token problem, but your apps problem

#noo, he got my token from sniffing

so, you need ssl /https


https://www.smashingmagazine.com/2017/04...p-headers/

This url https://www.smashingmagazine.com/2017/04...p-headers/ is helpful
Thanks
Reply




Theme © iAndrew 2016 - Forum software by © MyBB