Hacking Your Website with Troy Hunt

Carl and Richard talk to Troy Hunt about hacking yourself - testing your web site's defenses before someone else does! The conversation starts out talking about FireSheep and the need to use SSL everywhere. If you log in, you should be using SSL! Troy runs down a list of the common exploits you should test against, like SQL injection and cookie spoofing. There's also a discussion around cross-site scripting and X-Frame-Options. There are some simple things that script kiddies can do to exploit your site - you should do them first, and then defend yourself!Support this podcast at — https://redcircle.com/net-rocks/donations