0

Hackers attack my website through SQL injection and by running fake queries. How do I prevent them? I need help.

Is there any firewall which prevents hacker attacks etc., or should I use mysql_real_escape_string($_REQUEST)?

2
  • You should use mysql_real_escape_string for preventing SQL injection. Commented Aug 6, 2012 at 10:00
  • possible duplicate of Best way to prevent SQL Injection in PHP Commented Aug 6, 2012 at 10:03

2 Answers 2

1

Is there any firewall which prevent Hackers attacks etc

No, firewalls are of no use. Attackers insert their inputs (queries) in the usual place (HTML textbox, URLs etc). If it was possible, firewalls wouldn't be able to distinguish between genuine and evil users.

You must use `mysql_real_escape_string(..)`. Or, even better, use prepared statements.


2 Comments

I have read on some sites that mysql_real_escape_string(..) can be hacked. If yes, then what would be the best solution to edit my script? Currently I can't shift my script to frameworks etc.
mysql_real_escape_string(..) is being deprecated (BTW, I am interested in reading from those sites; can you link in?). Using MySQLi/PDO is the best and safest way.
0

If your site contains valuable data like user data please shut your site down before fixing the problem.

Copy the log and copy the fake queries the hackers performed. This will help you in determining the security leak of your application.

If you wrote the application yourself you should read up on good security practices and update your application accordingly.

If you're using a third party application like Wordpress or Drupal please update to the latest versions of the code you're using. Try to reproduce the hack, if you fail: good! If you succeed in hacking: fix the leak or stop using the code.

If you're using a framework like Symfony or Zend Framework, please update to the latest version and try to reproduce the hack.
