Search
Last Articles:
- Don’t bother to optimise your website, optimise your company…
- A cheap budget website is false economy, just don’t bother…
- Care agency website - Sunshine Care Plymouth
- Want to spy on your website visitors!
- Free Internet Explorer 6 (IE6) test software helps reduce the pain…
- Internet Explorer 6 (IE6) why should I upgrade?
- New website and new luxury food range
- Golf cottages - St Mellion Cornwall
- Outside catering service in Devon
- NowCornwall.com self catering for all!
Blogroll:
- Database development - Website database development
- Ecommerce development - Ecommerce
- Holiday Cottages Blog - Holiday Cottages Cornwall
- Hotel & guest house website design - Hotel & guest house web design
- Short Breaks - Short breaks Devon and Cornwall
- Telesales and Telemarketing company - Telesales and Telemarketing company
- Web design Plymouth, Devon - Web design Plymouth
- Website maintenance - Website maintenance
Meta
Categories:
Monthly Archives
SQL Injection Therapy
Posted on July 2008 in Articles
A database-driven website can be a very powerful marketing tool. For one thing it can be used to maintain your website content so keeping it fresh e.g. with news and events. For another it can power complex searches, such as ebay and autotrader to name a couple.
Unfortunately there are people out there who will make money out of exploiting weaknesses in your website code in order to update your database with ‘malware’ and in doing so use your site for their own ends. Forget right and wrong. Most of us know that it’s impossible to police the internet, so while this is clearly wrong (and deserving of a seriously good hiding to the perpretrator), the only answer is to tighten up the site.
One of our customers had their site hacked into via SQL injection techniques, which basically exploit weaknesses in SQL code to update your database, in this case to append fields with script code which points the site user to various malware sites. As I discovered, it’s not just a matter of cleaning the database up, because once your site becomes a target, it will get hit over and over.
I won’t bore you with the details and solution. Microsoft are happy to explain the problem and guide you on that on their support site here. I tightened up database security as the main method of removing the problem. The site was temporarily blocked by google, but use of our webmaster tools soon sorted this out. The site is now back up and running I’m pleased to say.
Let us know if you need any help dealing with sql injection attacks or any other help with website maintenance. Initial Advice as always is FREE.
Dave.
Content Management For Dummies
Posted on July 2008 in News
Nope I’m not talking about those idiot’s guides telling you all you need to know about content management systems. I wanted to report that I’ve finished the first phase of our very own content management system, which will allow us to give our clients the ability to maintain their own website content.
Don’t get me wrong, I don’t regard our customers as dummies (that couldn’t be further from the truth), but neither are they html developers, well-versed in delving inside web-pages to update them without breaking anything.
With our CMS, we can use the “economies of scale” principle; develop one CMS and provide it to many clients at a reduced price, over time paying for the initial investment. What a great idea. I’m glad I thought of it.
I’m thinking this will be useful for customers who host with us that want to add news items to their site, but don’t want the expense or inconvenience of doing so in the normal way (by giving us the information so that we can update it).
It’s just about to go live on our latest site, for rockys grill, steak house Plymouth on the barbican in Plymouth, but more of that later…Dave.
Visit Rockys Grill, restaurant Plymouth


