Detect intrusions

From OWASP
Revision as of 20:58, 3 December 2006 by Sinonada (Talk | contribs)

Jump to: navigation, search

This is a principle or a set of principles. To view all principles, please see the Principle Category page.

This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.


Categories

Log All user access (IP, Username, Time, web requests, etc.).

If you do this, then someday when your application /site is down/hacked you can trace the culprit and check what went wrong.

You may ask , if the user uses an proxy , Though it will help. As "what happened" is logged and the exploit can be fixed more easily.