sjordi 38 Posted January 10, 2023 (edited) Anyone here with RADServer setup experience? I'd like to find some advice or resources on how to secure the Server besides the SSL certificates and usual Apache/NGinx stuff. It would be more on how to avoid anyone being able to hack into the server and change/get data just by using the URL. Using DataSource parameters is a good way to avoid escaping all URL characters and avoiding SQL injection. Found that: https://blogs.embarcadero.com/tech-tip-how-do-i-secure-rad-server-for-production-deployment/ But besides that? It seems to me, without practicing, that passing everything via the URL is a wide open door to guess what could be other URL keywords, variables, etc... I want to make sure that calls are, in a way, logged in with credentials before accessing anything and get answers from the server. That kind of things. I read David I hands on RadServer document, but it's more focused on how to use it for Rest than actually securing it. Thanks for any help and lights on RadServer deployment. Edited January 10, 2023 by sjordi Share this post Link to post
Angus Robertson 526 Posted January 10, 2023 My Delphi web servers have an IP blocked list which hackers get automatically added to based on several criteria, any path with filers ,php, .pl., /,,, ;echo, mysel, etc,since there is no CGI or Perl or MySQL on the site, also if they access pages by IP address instead of the correct domain name using SSL. I also block Tor exit nodes, to try and stop IP blocked users using alternate access. Blocked IP addresses are cleared from the list 24 hours after their last access, and any accesses have a response delayed by one minute, so try and slow down the avalanche of requests hackers make, often hundreds a minute. Currently 179 IP addresses blocked on my main site. Angus Share this post Link to post
sjordi 38 Posted January 10, 2023 Thanks, that sounds like a beefed up fail2ban feature. I'll see what I can do with filtering and the good idea of the IP address instead of the name. Share this post Link to post
tgbs 10 Posted January 10, 2023 2 hours ago, Angus Robertson said: My Delphi web servers have an IP blocked list which hackers get automatically added to based on several criteria, any path with filers ,php, .pl., /,,, ;echo, mysel, etc,since there is no CGI or Perl or MySQL on the site, also if they access pages by IP address instead of the correct domain name using SSL. I also block Tor exit nodes, to try and stop IP blocked users using alternate access. Blocked IP addresses are cleared from the list 24 hours after their last access, and any accesses have a response delayed by one minute, so try and slow down the avalanche of requests hackers make, often hundreds a minute. Currently 179 IP addresses blocked on my main site. Angus How do You get it is Tor client? Share this post Link to post
Fr0sT.Brutal 897 Posted January 11, 2023 13 hours ago, Angus Robertson said: I also block Tor exit nodes Those who use it to break through blocks on their side will say many "thanks" Share this post Link to post
Angus Robertson 526 Posted January 11, 2023 This particular web site is aimed at the UK market and has little interest for those outside the UK, it contains information about UK telephone and broadband networks. Some information is free but limited, businesses pay for access. But some users try multiple IP addresses to get around my counting accesses against IP addresses, and Tor is easy for them (I assume). I just went through the 50,000 accesses sequentially to my database to find Tor exit nodes. I did accidentally block access to British Telecom at the same time, got a phone call from their network people asking why their staff could no longer access my site (for free)... Angus 2 Share this post Link to post
![Delphi-PRAXiS [en]](https://en.delphipraxis.net/uploads/monthly_2018_12/logo.png.be76d93fcd709295cb24de51900e5888.png){kind=logo}
