Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
"Increase the security" without knowing any specifics is too broad a topic. Entire books are written on such topics.
The major insecurity that I have come across in web-based applications is a lack of user input validation. When getting user input from a form, there is often no attempt to verify that the user is supplying the type of information needed, or that the supplied input, if processed normally, will not have unintended consequences (SQL injection, mail header injection, code download/compile/execution, etc.)
If I were to give you only one bit of advice on security for your application, it would be to make sure that you are checking user input.
Well, if the app is done with PHP, J_K9's The Problem With PHP Application Security is a good starting point. Even if it is not PHP, there are still valid points for any language there and at linked sites.