On Mon, Jul 27, 2009 at 10:55 AM, Vamsee Kanakala <vkanak...@gmail.com> wrote: > Raja Subramanian wrote: >> A friend runs a website which was hacked recently -- someone >> injected javascript into all the html files and did some bad things. > > Also called XSS - cross-site scripting attacks. The best way to avoid this is > clean up all the inputs that the forms are accepting from the users. This > might be what you're looking for:
Thanks for all the suggestions on fixing the problem, I should mention that I am aware of the commonly used attacks as well as techniques and tools to thwart them. This website is 100% static html and does not contain any dynamic bits or html forms. The problem occurred due to web server config issues by the hosting provider and this has been resolved independently. Seems like the only solution for my problem is to put together my own solution, though I find it unlikely that I'm the only one with such a requirement! - Raja _______________________________________________ To unsubscribe, email ilugc-requ...@ae.iitm.ac.in with "unsubscribe <password> <address>" in the subject or body of the message. http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
