带你深入了解Access数据库的4种安全方式-Mysql Tutorial-php.cn

Home

Database

Mysql Tutorial

带你深入了解Access数据库的4种安全方式

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB

Jun 07, 2016 pm 04:21 PM

access learn Safety database Way go deep

一、密码式给数据库起一个随机复杂的名称，避免被猜到被下载，这种方式在以前很流行，因为大家都对自己的代码很有自信。但随着错误提示对数据库地址的泄露导致数据库被非法下载，这种方式也就越来越少人用了。二、#式在数据库名称里加上#号，从URL上请求

　　一、密码式

　　给数据库起一个随机复杂的名称，避免被猜到被下载，这种方式在以前很流行，因为大家都对自己的代码很有自信。但随着错误提示对数据库地址的泄露导致数据库被非法下载，这种方式也就越来越少人用了。

　　二、"#"式

　　在数据库名称里加上#号，从URL上请求时#是请求地址和请求参数的一个分隔字符，如果知道了数据库名，直接请求的话，如：#.mdb，WEB服务器会认为请求的是access而不是access#.mdb，所以会提示找不到文件，但是很遗憾，URL中对于这些特殊的字符都会有一个特殊的表示方式,#的特殊表示就是%23，如%23.mdb，那么access#.mdb将会被下载。还有如果用FlashGet之类的下载工具也可以直接下载。

　　三、asp式

　　这种作法是比较专业但也是很安全的也是现在比较流行的作法，，但是现在许多的人只是作了一半，只是将数据名改成ASP而以，这样的话直接用FlashGet之类的下载工具一样可以将数据库下载，这种方式的正确作法：

　　在数据库内创建一个字段，名称随意，类型是OLE对象，内容设置为单字节型的"

　　这段代码运行完之后将会在数据库内生成一个nodownload表，表内字段是notdown。如果数据库内已有同名的数据表存在请将代码内的nodownload改成自己想要的数据表名即可。

　　四、asa式

　　这种方式的真谛是利用IIS对ASA文件的保护，从而使得数据库文件不能从URL上直接请求下载，但是这种方式被误解成只要将文件后缀改成ASA就可以了。要知道IIS只是对global.asa这个文件名有请求保护，所以这种方式只能将数据库名设置为global.asa，而且要注意的是，设置成global.asa之后最好不要将其放在主机或虚拟目录的根目录里，不然会被IIS当然正常的global.asa文件进行尝试运行的

Statement of this Website

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress images for free

Clothoff.io

AI clothes remover

Video Face Swap

Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Article

Assassin's Creed Shadows: Seashell Riddle Solution

3 weeks ago By DDD

What's New in Windows 11 KB5054979 & How to Fix Update Issues

2 weeks ago By DDD

Where to find the Crane Control Keycard in Atomfall

3 weeks ago By DDD

Assassin's Creed Shadows - How To Find The Blacksmith And Unlock Weapon And Armour Customisation

1 months ago By DDD

Roblox: Dead Rails - How To Complete Every Challenge

3 weeks ago By DDD

Hot Tools

Notepad++7.3.1

Easy-to-use and free code editor

SublimeText3 Chinese version

Chinese version, very easy to use

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver CS6

Visual web development tools

SublimeText3 Mac version

God-level code editing software (SublimeText3)

Hot Topics

Where is the login entrance for gmail email?

7615

CakePHP Tutorial

1387

What is the format of the account name of steam

win11 activation key permanent

nyt connections hints and answers

136

Related knowledge

MySQL: Simple Concepts for Easy Learning Apr 10, 2025 am 09:29 AM

MySQL is an open source relational database management system. 1) Create database and tables: Use the CREATEDATABASE and CREATETABLE commands. 2) Basic operations: INSERT, UPDATE, DELETE and SELECT. 3) Advanced operations: JOIN, subquery and transaction processing. 4) Debugging skills: Check syntax, data type and permissions. 5) Optimization suggestions: Use indexes, avoid SELECT* and use transactions.

MySQL: An Introduction to the World's Most Popular Database Apr 12, 2025 am 12:18 AM

MySQL is an open source relational database management system, mainly used to store and retrieve data quickly and reliably. Its working principle includes client requests, query resolution, execution of queries and return results. Examples of usage include creating tables, inserting and querying data, and advanced features such as JOIN operations. Common errors involve SQL syntax, data types, and permissions, and optimization suggestions include the use of indexes, optimized queries, and partitioning of tables.

Why Use MySQL? Benefits and Advantages Apr 12, 2025 am 12:17 AM

MySQL is chosen for its performance, reliability, ease of use, and community support. 1.MySQL provides efficient data storage and retrieval functions, supporting multiple data types and advanced query operations. 2. Adopt client-server architecture and multiple storage engines to support transaction and query optimization. 3. Easy to use, supports a variety of operating systems and programming languages. 4. Have strong community support and provide rich resources and solutions.

How to use Debian Apache logs to improve website performance Apr 12, 2025 pm 11:36 PM

This article will explain how to improve website performance by analyzing Apache logs under the Debian system. 1. Log Analysis Basics Apache log records the detailed information of all HTTP requests, including IP address, timestamp, request URL, HTTP method and response code. In Debian systems, these logs are usually located in the /var/log/apache2/access.log and /var/log/apache2/error.log directories. Understanding the log structure is the first step in effective analysis. 2. Log analysis tool You can use a variety of tools to analyze Apache logs: Command line tools: grep, awk, sed and other command line tools.

Solution to MySQL encounters 'Access denied for user' problem Apr 11, 2025 pm 05:36 PM

How to solve the MySQL "Access denied for user" error: 1. Check the user's permission to connect to the database; 2. Reset the password; 3. Allow remote connections; 4. Refresh permissions; 5. Check the database server configuration (bind-address, skip-grant-tables); 6. Check the firewall rules; 7. Restart the MySQL service. Tip: Make changes after backing up the database.

How to configure Debian Apache log format Apr 12, 2025 pm 11:30 PM

This article describes how to customize Apache's log format on Debian systems. The following steps will guide you through the configuration process: Step 1: Access the Apache configuration file The main Apache configuration file of the Debian system is usually located in /etc/apache2/apache2.conf or /etc/apache2/httpd.conf. Open the configuration file with root permissions using the following command: sudonano/etc/apache2/apache2.conf or sudonano/etc/apache2/httpd.conf Step 2: Define custom log formats to find or

Summary of phpmyadmin vulnerabilities Apr 10, 2025 pm 10:24 PM

The key to PHPMyAdmin security defense strategy is: 1. Use the latest version of PHPMyAdmin and regularly update PHP and MySQL; 2. Strictly control access rights, use .htaccess or web server access control; 3. Enable strong password and two-factor authentication; 4. Back up the database regularly; 5. Carefully check the configuration files to avoid exposing sensitive information; 6. Use Web Application Firewall (WAF); 7. Carry out security audits. These measures can effectively reduce the security risks caused by PHPMyAdmin due to improper configuration, over-old version or environmental security risks, and ensure the security of the database.

What is apache server? What is apache server for? Apr 13, 2025 am 11:57 AM

Apache server is a powerful web server software that acts as a bridge between browsers and website servers. 1. It handles HTTP requests and returns web page content based on requests; 2. Modular design allows extended functions, such as support for SSL encryption and dynamic web pages; 3. Configuration files (such as virtual host configurations) need to be carefully set to avoid security vulnerabilities, and optimize performance parameters, such as thread count and timeout time, in order to build high-performance and secure web applications.

See all articles