douwo8140
douwo8140
2016-03-21 06:22
浏览 59

为什么我在我的网站上获得这些超链接? 安全漏洞?

In the image below is where I recently found these malicious hyperlinks.

I tried to log into my web-host and I couldn't find any hyperlinks attached to the elements in my files.

enter image description here

My Questions:

  1. How do I avoid these?
  2. How can I remove them?
  3. Despite these hyperlinks, Is my website vulnerable to any XSS attacks? If yes, please specify the holes i should fill.

I am using Ajax to send an instant response if the email already exists or not; Would this influence the attacker to easily send XMLHTTPRequests to the server?

I just want to make my website 100% safe as in a matter of none would ever get into the database ( confidentiality, integrity, and availability ) considering I have SSL certificate over HTTPS. Even if it's only login system website without many complicated input stuff.

I heard using SQL stored procedures help, also HTML encoding.

Please visit the website and take a look over the code www.tarsh.tk

Any Help/Hints/Tips/Links would be appreciated.

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 邀请回答

1条回答 默认 最新

  • dongwen6743
    dongwen6743 2016-03-21 06:31
    已采纳

    The site at www.tarsh.tk does not have any hyperlinks for me see http://picpaste.com/Screen_Shot_2016-03-20_at_11.29.02_PM-F7OsKLUZ.png.

    Maybe it isn't the site and it is your browser. Have you tried a different browser?

    I used Chrome 49 and Safari 9, both are rendering the site without hyperlinks.

    点赞 评论

相关推荐