On Monday we had to fire a customer, not much in sales, very late payments, rude... they were costing us money and nerves!
Their website account was deactivated at once.
Today the IT guy responsible for our b2b website showed me a log file:
OK, so the IT guys around here are probably laughing already The rest is probably thinking "huh???" Let me explain: This was the attempt of a so called SQL injection attack, an attacker tries to find out informations about the data on the website, either to steal it or to destroy it.
That doesn't work on our site, we check each input for stuff like that and we log suspicious activity. Right now we watch this closely, if they try something like that again we'll take action.
Their website account was deactivated at once.
Today the IT guy responsible for our b2b website showed me a log file:
Code:
<username of fired customer> suspicious activity, password was: "bla); show tables;--"
That doesn't work on our site, we check each input for stuff like that and we log suspicious activity. Right now we watch this closely, if they try something like that again we'll take action.
Comment