Difference between revisions of "Web deployment policies"

From Jon's Wiki
(Created page with "* Website code should not be able to write to itself * Use https wherever possible * Use salted good hashes for passwords")
 
Line 1: Line 1:
* Website code should not be able to write to itself
+
* Server code should not be able to write to itself
* Use https wherever possible
+
* Use SSL/TLS wherever possible
 
* Use salted good hashes for passwords
 
* Use salted good hashes for passwords

Revision as of 22:33, 24 March 2016

  • Server code should not be able to write to itself
  • Use SSL/TLS wherever possible
  • Use salted good hashes for passwords