Difference between revisions of "Detect intrusions"
(→Categories) |
(→Categories) |
||
Line 9: | Line 9: | ||
'''Log All user access (IP, Username, Time, web requests, etc.).''' | '''Log All user access (IP, Username, Time, web requests, etc.).''' | ||
− | If you do this, then someday when your application /site is down/hacked you can trace the culprit and check what went wrong. | + | If you do this, then someday when your application/site is down/hacked you can trace the culprit and check what went wrong. |
− | You may ask , if the user uses | + | You may ask, if the user uses a proxy, though it will help. As "what happened" is logged and the exploit can be fixed more easily. |
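Review bot: The second added line still does not read as complete sentences. "You may ask, if the user uses a proxy, though it will help." never states the question, and the following "As "what happened" is logged and the exploit can be fixed more easily." is a fragment with no main clause. Suggest splitting question and answer, for example: "You may ask what use this is if the user goes through a proxy. It still helps, because what happened is logged and the exploit can be fixed more easily." The first changed line only removes the stray space in "application /site" and looks fine.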
Revision as of 02:59, 4 December 2006
This is a principle or a set of principles. To view all principles, please see the Principle Category page.
This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.
Categories
Log all user access (IP, username, time, web requests, etc.).
If you do this, then someday when your application or site is down or hacked, you can trace the culprit and check what went wrong.
You may ask what use this is if the user goes through a proxy. It still helps, because "what happened" is logged and the exploit can be fixed more easily.
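One way to record the fields listed above and then reconstruct what a client did, as an added example that is not part of the original wiki page. The function names, field names and sample addresses are assumptions constructed for illustration.

```python
import json
from datetime import datetime, timezone

def access_record(ip, username, method, path, status, when=None):
    """Build one access-log line holding IP, username, time and the web request.

    JSON encoding escapes CR/LF, so a crafted path or username cannot
    split one request into what looks like two log entries.
    """
    when = when or datetime.now(timezone.utc)
    return json.dumps({
        "time": when.isoformat(),
        "ip": ip,
        "username": username or "-",  # "-" marks an unauthenticated request
        "method": method,
        "path": path,
        "status": status,
    }, sort_keys=True)

def trace(log_lines, ip=None, username=None):
    """Return, in time order, the requests made by one IP and/or one username."""
    hits = []
    for line in log_lines:
        rec = json.loads(line)
        if ip is not None and rec["ip"] != ip:
            continue
        if username is not None and rec["username"] != username:
            continue
        hits.append(rec)
    return sorted(hits, key=lambda r: datetime.fromisoformat(r["time"]))

def _t(minute):
    # Helper for the constructed sample timestamps below.
    return datetime(2006, 12, 4, 2, minute, tzinfo=timezone.utc)

# Constructed sample traffic (documentation-range addresses, hypothetical paths).
# 203.0.113.7 stands in for a shared proxy: the person behind it is unknown,
# but the sequence of requests, i.e. "what happened", is still recorded.
SAMPLE_LOG = [
    access_record("198.51.100.20", "alice", "GET", "/account", 200, _t(1)),
    access_record("203.0.113.7", None, "GET", "/search?q=test", 200, _t(2)),
    access_record("203.0.113.7", None, "GET", "/search?q=a\r\nfake entry", 500, _t(3)),
    access_record("198.51.100.20", "alice", "POST", "/account/email", 302, _t(4)),
]

if __name__ == "__main__":
    for rec in trace(SAMPLE_LOG, ip="203.0.113.7"):
        print(rec["time"], rec["method"], repr(rec["path"]), rec["status"])
```

Filtering on the proxy address shows the request that produced the 500 response and the one before it, which is the information needed to find and fix the faulty code path.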