views:

38

answers:

1

Hi, I created a db to manage the users of my webpage. What is the way to make this db protected from malicious users? I want to find out what are the main protection methods, as well as less used methods.

+1  A: 

It very much depends on the database that you're using as far as the administration goes. The best practices document is the best place to start if you're using SQL Server. If you're using another database, seek out the best practices documentation you can find using Google.

Next, make sure you read up and understand on "SQL Injection". There are many questions here on SO about it if the Wikipedia article isn't enough for you.

Third, if security is really important, I would not hesitate to ask for a code review from a trusted and experienced third party.

Dave Markle