【Website Architecture】When does a website system count as secure? Security acceptance, network security, blind SQL injection, HTTPS, authentication

Hi everyone, and welcome to the Stop Refactoring channel.

In this issue we discuss the security of website systems.

The importance of security is self-evident. Most security issues are indeed fixed according to the guidelines that come with a security scan.

However, some problems are particularly troublesome to fix after the fact, and these will seriously delay the go-live date.

So the focus of this issue is not to list every security issue, but to discuss which security issues must be resolved during the development phase so that the project goes live, or is delivered, more smoothly.

We discuss in this order:

  1. When does a website system count as secure?

  2. Network security

  3. Environment security

  4. System security

  5. Other

When does a website system count as secure?

When does a website system count as secure? Many companies provide security testing services: they do penetration testing, security scanning and so on, and issue a security scoring report.

As long as the score passes, the system is considered secure.

Of course, each of these reports has its own standard, but for domestic projects the "level protection" standard (the Multi-Level Protection Scheme, MLPS, for information security) is generally adopted.

Generally, meeting level three or above is enough. Many projects also use level three as the security acceptance standard. If you have no idea what security testing covers, take a look at the outline of the level-three requirements.

Although security issues are complex, they actually fall into three categories: network, environment, and system.

Network security

The first is network security.

Generally, large websites need to isolate network zones so that attackers cannot take control of servers directly.

System applications and data must be placed in an isolated zone that has no access to the public network.

Requests must pass through a unified gateway program that reverse-proxies them into the network isolation zone.

For the case where the system has to call third-party services on the public network, an outbound proxy must be added as the single exit for those calls.

For the outbound proxy you can use Nginx's layer-4 (stream) proxy, with one port corresponding to one third-party service. A layer-7 proxy can in principle serve all HTTPS requests on a single port, but in practice it is not stable.

Another important point of network security is HTTPS.

HTTPS is actually not complicated. It is not necessary to switch every service of the whole website to HTTPS; it is enough to configure HTTPS at the gateway layer, while internal calls within the system continue to use HTTP.
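As an added illustration (not configuration from the original post) of the two points above, the outbound layer-4 proxy with one port per third-party service and HTTPS terminated only at the gateway with plain HTTP inside, here is a single Nginx configuration doing both. All host names, addresses and certificate paths are assumed placeholders.

```nginx
# Added illustration (not from the original post): one Nginx instance that
# (a) terminates HTTPS at the gateway and proxies plain HTTP inward, and
# (b) serves as the single outbound exit using the layer-4 stream proxy.
# All hostnames, addresses and paths are placeholders.
events { worker_connections 1024; }

# (a) Inbound gateway: HTTPS faces the Internet; the hop into the isolated zone is HTTP.
http {
    server {
        listen 80;
        server_name www.example.com;
        return 301 https://$host$request_uri;          # no plain-HTTP access to the app
    }
    server {
        listen 443 ssl;
        server_name www.example.com;
        ssl_certificate     /etc/nginx/tls/fullchain.pem;   # placeholder path
        ssl_certificate_key /etc/nginx/tls/privkey.pem;     # placeholder path
        ssl_protocols TLSv1.2 TLSv1.3;
        location / {
            proxy_pass http://10.0.1.10:8080;              # app server inside the isolated zone
            proxy_set_header Host              $host;
            proxy_set_header X-Forwarded-Proto $scheme;    # lets the app know TLS was used
            proxy_set_header X-Real-IP         $remote_addr;
        }
    }
}

# (b) Outbound exit: one internal port per third-party service, forwarded at
# layer 4 (TCP), so TLS runs end to end between the app and the third party.
# Firewall rules (not shown) let internal hosts reach only 10.0.0.5, nothing else.
stream {
    upstream payment_api { server payment.partner.example:443; }   # placeholder host
    upstream sms_api     { server sms.partner.example:443; }       # placeholder host
    server {
        listen 10.0.0.5:9443;        # "payment" exit
        proxy_pass payment_api;
    }
    server {
        listen 10.0.0.5:9444;        # "sms" exit
        proxy_pass sms_api;
    }
}
```

Because the stream proxy does not terminate TLS, certificate validation of the third party still happens in the application, and every external call is visible at one auditable exit.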

Of course, other network security measures are also very important, such as call whitelists, but in general network calls are restricted from the start and network policies can be added gradually as functions expand.

Network security restrictions will hinder releases and debugging to some extent, so generally they only need to be deployed in the production environment.

However, it is best to plan this network environment at the early stage of the project, because it may be too late to do it later on; after all, there will be many practical problems.

Environment security

Next is environment security.

Environment security refers to the security of the operating system and basic software: system version, system vulnerability patching, basic-software vulnerability patching, password security and so on.

Of course, most environment security issues can be rectified based on the security scan results.

But one thing needs attention: for basic software versions, MySQL for example, it is best to investigate at the very beginning whether the version you intend to use has known security problems, or whether that version is allowed at all, rather than finding out from the security scan that the version cannot be used.

Although upgrading basic software is very simple in itself, there are functional differences between versions, so some business functions may stop working after the upgrade, and re-testing will waste a lot of cost.

System security

The last is system security, that is, the security of the software we develop ourselves.

These problems generally need to be dealt with during development; otherwise rectifying them later may be disastrous.

There are four key issues in system security: the first is interface permissions; the second is blind SQL injection; the third is encryption of sensitive information; the fourth is logs.

Interface authentication and authorization are easy to overlook, for example user login checks, user role permission checks and so on.

One point needs special explanation: wherever parameters such as user id, user privileges or user information are involved, it is best to forcibly overwrite them with the values from the session; otherwise authentication is reduced to decoration.

Do not plan to add interface authentication later; it needs to be done properly during development.

Adding permission checks to hundreds or thousands of interfaces at once in a later stage is a particularly foolish undertaking. We will discuss interface permissions in detail in the follow-up issue "Single Sign-On System Architecture Design".

The other issue is blind SQL injection, which can generally be solved by using a database framework such as MyBatis.

The basic principle of blind SQL injection is to extend the prepared SQL statement by passing in single quotes (') so as to read or modify information beyond the original function.

For example, the SQL statement for checking the account password is as follows. If SQL injection is not prevented, the password check can be bypassed when the user enters a string containing single quotation marks as the password.
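Added example, not code from the original post, illustrating both the "take the user id from the session, not from the request" rule above and the quote-based bypass described here: the password check built by string concatenation beside the same query with bound parameters (the equivalent of MyBatis's #{} placeholders), run against a constructed in-memory SQLite table. The session dict and request-parameter dict are assumed shapes.

```python
import sqlite3

# Constructed demo data, not from the original post. Passwords are kept in plain
# text only so the injection is visible; real systems store them hashed/encrypted.
conn = sqlite3.connect(":memory:")
conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, password TEXT, role TEXT)")
conn.executemany("INSERT INTO users VALUES (?, ?, ?, ?)",
                 [(1, "alice", "s3cret", "admin"), (2, "bob", "hunter2", "user")])


def login_vulnerable(name, password):
    """SQL built by concatenation: a quote in the input rewrites the statement itself."""
    sql = ("SELECT id FROM users WHERE name = '" + name
           + "' AND password = '" + password + "'")
    return conn.execute(sql).fetchone() is not None


def login_safe(name, password):
    """Same query with bound parameters (what MyBatis #{} does): input is only ever data."""
    sql = "SELECT id FROM users WHERE name = ? AND password = ?"
    return conn.execute(sql, (name, password)).fetchone() is not None


def get_profile(session, request_params):
    """The user id comes from the server-side session; a client-supplied user_id in
    the request is ignored, so one user cannot read another user's profile."""
    user_id = session["user_id"]                 # hypothetical session dict {"user_id": ...}
    if request_params.get("user_id") not in (None, user_id):
        # Worth logging: a mismatch here is exactly the tampering the logs section asks to detect.
        print("audit: request user_id %r overridden by session" % request_params["user_id"])
    row = conn.execute("SELECT id, name, role FROM users WHERE id = ?", (user_id,)).fetchone()
    return None if row is None else {"id": row[0], "name": row[1], "role": row[2]}
```

With the parameterised query the same quoted input is simply a password that matches nothing, which is the whole point of using the framework's placeholders instead of string substitution.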

The third is encryption of sensitive information. Some sensitive information must be encrypted, such as passwords and certain identity information.

What is stored is the encrypted form, so that in case of a data leak the data is meaningless to anyone who does not know the specific encryption/decryption algorithm.

The fourth is logs. We keep coming back to logs in many issues, because logs really are very important.

During development and debugging they help locate a problem initially. For operational questions they let you confirm whether the operation a user describes actually happened. For the security issues of this issue, logs let you analyse how information was stolen or tampered with.

For detailed rules about logs, please refer to the earlier issue "Backend Regularization".

Other

Beyond the points above, you may need to consider mechanisms against flood attacks and for circuit breaking, but in practice these can basically be handled by connecting to a security bastion host / WAF.

The role of the security bastion host is to monitor requests and intercept the illegal ones. The policy that defines an illegal request can generally be configured.

If conditions permit, do not wait until go-live to connect the security bastion host.

The bastion host may misjudge certain legitimate business requests, and those interfaces then need special handling. If this is discovered during development, there will be no last-minute problems before going live.

Summary

The security issues mentioned above are only the relatively general ones. Depending on the specific business system there may be special security issues; for example, a live-streaming platform will have issues such as hotlink protection for live streams. These are best considered during development.

Security is the last topic in the overall architecture of a website system. With this issue we have discussed all the key issues of large-scale website architecture.

Next we will introduce the architecture design process of some specific systems, and some products will be launched at the same time, so stay tuned.


Origin blog.csdn.net/Daniel_Leung/article/details/128279390