Web Security Fundamentals

Study Notes

Ensuring the security of web resources is essential for protecting web applications, websites, and online services from various threats and attacks.
Web security involves measures and practices to protect online resources and user data, ensuring confidentiality, integrity, and availability.

Web vulnerabilities are weaknesses or flaws in websites, web applications, and web services that can be exploited by malicious actors.
These vulnerabilities can lead to data breaches, unauthorized access, and other malicious activities.

A directory traversal attack is where a hacker gains access to and navigates between web directories and files.
Also known as the ../ attack (dot dot slash attack).
An HTTP exploit aimed at accessing restricted files or viewing random files on a web server, such as password files and SSL private keys.
Sensitive files include root, htaccess, and conf files.
Prevention methods include:
- Using the latest web server software and maintaining the server.
- Implementing Access Control Lists and ensuring appropriate access rights.
- Using Google Hack Honeypot.

An SQL injection attack is an attempt to manipulate data or a database by inserting rogue code into a query.
Rough code can be used to manipulate the database, change tables, modify or delete data, or retrieve important information.
Involves injecting malicious SQL queries into input fields or parameters on a website.
Prevention methods include:
- Parameterizing queries instead of directly embedding user input.
- Escaping characters that have a special meaning in SQL.
- Pattern-checking parameters.
- Restricting access to sensitive tables with database permissions.

XSS allows attackers to insert client-side script into web pages.
Occurs when an attacker injects malicious scripts (usually JavaScript) into web pages viewed by other users.
These scripts can steal sensitive information, such as cookies or session tokens, from the victim's browser.
Prevention methods include:
- Escaping user input to prevent malicious interpretation.
- Validating user input to prevent malicious data.
- Sanitizing data to remove unwanted characters.

Use HTTPS to encrypt data in transit and prevent eavesdropping and tampering.
Conduct regular security audits and penetration testing to identify and fix security gaps.
Update and patch systems to mitigate known vulnerabilities.
Implement strong authentication, including multi-factor authentication and strong password policies.
Validate user inputs and encode outputs to prevent injection attacks.
Implement secure configuration, including disabling unnecessary features and services.
Implement access control, including least privilege access control.
Continuously monitor web traffic and log events to detect and respond to suspicious activities.

Web Application Firewalls (WAF) protect web applications by filtering and monitoring HTTP traffic.
Security Information and Event Management (SIEM) systems collect and analyze security data from various sources to detect threats.
Vulnerability scanners automate the detection of security vulnerabilities in web applications.
Content Delivery Networks (CDN) distribute content across multiple servers to improve performance and protect against DDoS attacks.
Identity and Access Management (IAM) systems manage user identities and control access to resources.