Home > Article > Backend Development > Is it safe enough to add U-shield protection to the https website backend?
Is it safe enough to add U-shield protection to the https website backend?
- WBOYOriginal
- 2016-08-18 09:15:401439browse
The background of the website uses https, all operations (including login) are based on POST, and U-shield is used for challenge/response verification, MD5 and SHA1 double verification, all verification codes can only be used once, and all POST data participates in verification For code verification calculations, the local directory is completely read-only (cloud storage is used for uploading, not local), and the database is only accessible via the intranet. Is this safe enough from the code level? Non-program code-level security issues such as server vulnerabilities, social engineering, side notes, and DNS intrusions are not considered.
In addition, imagine a honeypot system. As long as the system detects any attack behavior, it will automatically switch to the honeypot. The appearance of the backend will be exactly the same as the real backend, the data (except sensitive data) will be the same, and all operations will be completely enclosed in the honeypot. Yes Isn't it better?
Reply content:
The background of the website uses https, all operations (including login) are based on POST, and U-shield is used for challenge/response verification, MD5 and SHA1 double verification, all verification codes can only be used once, and all POST data participates in verification For code verification calculations, the local directory is completely read-only (cloud storage is used for uploading, not local), and the database is only accessible via the intranet. Is this safe enough from the code level? Non-program code-level security issues such as server vulnerabilities, social engineering, side notes, and DNS intrusions are not considered.
In addition, imagine a honeypot system. As long as the system detects any attack behavior, it will automatically switch to the honeypot. The appearance of the backend will be exactly the same as the real backend, the data (except sensitive data) will be the same, and all operations will be completely enclosed in the honeypot. Yes Isn't it better?