Protecting against SQL injection attacks v15
EDB Postgres Advanced Server provides protection against SQL injection attacks. A SQL injection attack is an attempt to compromise a database by running SQL statements whose results provide clues to the attacker as to the content, structure, or security of that database.
Preventing a SQL injection attack is normally the responsibility of the application developer. The database administrator typically has little or no control over the potential threat. The difficulty for database administrators is that the application must have access to the data to function properly.
SQL/Protect:
- Allows a database administrator to protect a database from SQL injection attacks
- Provides a layer of security in addition to the normal database security policies by examining incoming queries for common SQL injection profiles
- Gives the control back to the database administrator by alerting the administrator to potentially dangerous queries and by blocking these queries.
sql_protect_overview configuring_sql_protect common_maintenance_operations backing_up_restoring_sql_protect
SQL/Protect overview
Provides an overview about how SQL/Protect guards against different types of SQL injection attacks
Configuring SQL/Protect
Describes the various ways you can configure SQL/Protect
Common maintenance operations
Describes how to perform routine maintenance tasks using SQL/Protect
Backing up and restoring a SQL/Protect database
Describes how to back up and then restore databases configured with SQL/Protect