Learn to Code via Tutorials on Repl.it

← Back to all posts
Website Security Tips
LiamDonohue (167)

Website Security Tips:

#1: Don't Include file exstentions in your webpage


Because someone can easily view your code by entering the file name after the URL
such as mysite.com/script.js

#2: Host Your Databases on a separate server

Again, someone could tamper with it

#3: Don't allow javascript code to be entered in text boxes

Someone could completely screw up your website

#4: Name the file that has passwords stored in it something random, like Unclestevestacorecipe

any suggestions?

Highwayman (958)

What exactly do you mean by the top one?

LiamDonohue (167)

users don't need to know the file names especially users who may mess it up @Highwayman

Highwayman (958)

@LiamDonohue but what do you mean by include file extentsions?

LiamDonohue (167)

like: mysite.com/index.html @Highwayman

Highwayman (958)

@LiamDonohue OOHHH!! Oh! Ok! I see ok thank you :)

adityaru (66)

@LiamDonohue Wait, how do you remove it?

Highwayman (958)

Option a) make a server to handle redirects
Option b) don’t name your files with file extensions.