Sunday, April 23, 2017

Building a website without bugs

A few years ago, I wanted to build a site that hosted up-to-date information that would be pulled from a datastore and provided to clients. The first solution that comes to mind is a simple PHP codebase that pulls data from a SQL database and dynamically displays it to the user, but as has been well documented for decades now, it's hard to write secure code, and new attacks that exploit webapp vulnerabilities come out all the time.

The extreme avenue here, swinging heavy on the security side, is to provide static content. Generally, if there are no inputs, there are no injection attacks. But especially when you want to keep content up to date, even real-time, editing HTML and manually inserting new data is impractical.

So I decided to try something in the middle, which didn't sacrifice security and was much more practical. One can write a Python script that sits on the server, pulls fresh data from the database at regular intervals, then generates static content on the fly and places it in the webroot. Writing code that writes code is often messy, so that won't be fun, but it's really a short-term sacrifice for long-term security with usability. Now obviously this isn't going to be the best option if you want users to actually be able to interact with your site (other than click links or email you), but if you just want to share information, it works great.
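A sketch of such a generator, added here as an example and not the author's own script: it assumes an SQLite database with a hypothetical `readings(name, value)` table, HTML-escapes every value on output, and swaps the new page into the webroot atomically.

```python
import html
import os
import sqlite3
import tempfile

PAGE = """<!DOCTYPE html>
<html><head><meta charset="utf-8"><title>{title}</title></head>
<body><h1>{title}</h1>
<ul>
{items}
</ul></body></html>"""

def render(title, rows):
    """Build the page; every database value is HTML-escaped on output."""
    items = "\n".join(
        "<li>{}: {}</li>".format(html.escape(str(n)), html.escape(str(v)))
        for n, v in rows)
    return PAGE.format(title=html.escape(title), items=items)

def publish(webroot, filename, content):
    """Write a temp file in the webroot, then atomically rename it into place."""
    # The rename means the web server never serves a half-written page.
    fd, tmp = tempfile.mkstemp(dir=webroot, suffix=".tmp")
    try:
        with os.fdopen(fd, "w", encoding="utf-8") as fh:
            fh.write(content)
        os.chmod(tmp, 0o644)  # mkstemp creates 0600; the web server needs read
        os.replace(tmp, os.path.join(webroot, filename))
    except BaseException:
        os.unlink(tmp)
        raise

def regenerate(conn, webroot):
    """One generator run; schedule it (cron, timer) at the interval you need."""
    rows = conn.execute("SELECT name, value FROM readings ORDER BY name").fetchall()
    page = render("Current readings", rows)
    publish(webroot, "index.html", page)
    return page

def demo():
    # Constructed sample data; table and column names are assumptions.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE readings (name TEXT, value TEXT)")
    conn.executemany("INSERT INTO readings VALUES (?, ?)",
                     [("alpha", "42"), ("beta", "<b>x</b> & y")])
    webroot = tempfile.mkdtemp()
    return regenerate(conn, webroot), webroot

if __name__ == "__main__":
    print(demo()[0])
```

Escaping at render time means a stray markup character in the datastore is displayed as text rather than interpreted by the browser, even if something unclean does reach the database.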

How do you attack that website? There's no attack surface at the webapp layer. The database server is sitting on the localhost with only the script authenticating and talking to it. Just keep your webserver and certs up to date and keep the data going into the database clean, and fundamentally, you've got a solid setup with no need to worry about vulnerabilities in the website. Welcome to the 0.0001%.
