Quote:
|
Originally Posted by redhead
You might considder reading this thread on securing your submitted passwords.
hmm.. perhaps a 410 - gone or 403 - denied will be more suitable..
The "security through obscurity" will only work for so long.. |
That page was abit confusing (well some of it I understood, but it didn't really help my problem that much.)
BTW
But surely a 403 error would show the file DOES exist, which I would think would make it easier for any script kiddies to try and start doing things.
PS its not just passwords, I want advice about, any small exploits that you can see and how to correct them would be great.