I. Overview
In order to ensure the security of enterprise applications, the report improves application security from two aspects: repairing vulnerabilities and active defense. Security management is added to the management system, which is divided into four parts: Security protection, Access Control, SQL Anti-injection and Global Watermark, as shown in the figure below:
II. Index
| Content | Introduction |
|---|---|
| Security | For the sake of platform security, the security tab page contains six security function switches: Cookie enhancement, HSTs settings, file upload verification, script call formula restriction, security headers, and improve request response. |
| Access Control | When the access frequency of the platform is too high, access control can be turned on to limit the single IP access frequency and reduce the concurrency. |
| SQL Anti-injection | SQL Anti-injection is to prevent SQL injection by disabling special keywords and escaping characters |
| Global Watermark | In the process of enterprise development, a large number of online data will be generated, and preventing data leakage has become the focus of enterprise information security. Watermark is an effective way to prevent data leakage |
前:ユーザ入力の検証