Web Development

General discussion


DOWNLOA Protect your Web site from cross-site scripting attacks

By Mark W. Kaelin Editor ·

Have you had to fend off cross-site scripting attacks on your Web site? Tell us how you handled the problem and what you did to secure any vulnerability.

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

Website security

by davoud In reply to DOWNLOAD: Protect your We ...

Hi Mark,

Thanks for the info. This is exactly what i was looking for. Actually I had posted a message under how to protect a website up here.

I downloaded the webgoat with JDK but it did not have the installer for JDK and I had to download it from Java Technology's website.

During the installation I got a warning from my firewall that Java is trying to listen to the computers... and ofcourse I blocked it. Attempting to run the webgoat after setting the Set_home, returns nothing.

I get a message about the port 80 that it might be in use by another service(which I believe it is the firewall).

Now what do you think about this? Do you think it is O.K to let the Java to listen?

A little concerned about letting java to listen to the computers...do not want to open the doors for hackers!!!

Any idea?

Collapse -

Firewall setting for WebGoat

by another_ronlewis In reply to Website security

It's probably not a good idea to make WebGoat available to the world. What I did was set my firewall to accept inbound port 80 connections only from (or local host).

Hope this helps,

Collapse -


by davoud In reply to Firewall setting for WebG ...

Thanks very much for your message. I will see what i can do. In the mean time, if you would like, you could check your ports on line with the Shieldsup to make sure they are stealth.

here it is the website:


Related Discussions

Related Forums