Protecting service from automation/robots when exposing 'add' functions RRS feed

  • Question

  • I created a WCF service that serves my android application.
    the service allows users to get data from db and to add data.

    I'm kind of scared that the service is open to the internet and someone can start messing around and send a lot of messages to the service and will mass up my db.

    What is the best practice for that?

    Sunday, August 27, 2017 4:57 PM

All replies

  • What is the best practice for that?

    I'm kind of scared

    What you should be scared about is that you expose a computer running the Windows O/S to the public internet, which is probably hack bait by now.

    If IIS, file system, registry, O/S and user accounts are not harden to attack for a machine running the Windows O/S being exposed to the public Internet, then it can be nothing but hack bait used as a jumping off point to attack networks on the Internet. 

    There are 1,000 page books covering the hardening of the Windows O/S,  etc. and ect. and the experts can hardly do it.

    I suggest you find a service hosting provider.

    Sunday, August 27, 2017 10:51 PM