If you are using assistive technology and are unable to read any part of the HostMonster website, or otherwise have difficulties using the HostMonster website, please call 866-573-HOST and our customer service team will assist you.
Skip to main content

HostMonster Web Hosting Help

SQL Injection - Database Vulnerability

What is it?

SQL injection is an extremely damaging attack in which hackers will attempt to access information stored in your database, such as customer data or user IDs and passwords. SQL stands for Structured Query Language and is the programming language understood by databases. By inserting commands from this programming language into fields on your website's input forms, hackers can gain access to the database records of vulnerable sites, stealing credit card data, passwords, e-mail addresses and any additional data available in the database.

What is the impact?

The impacts of this type of attack can be devastating. Having stolen client information from a compromised website can be hard to recover from and possibly expensive depending on the information stolen. It will also badly damage your company's reputation by exposing your customers' private data to criminals.

How does SiteLock protect me?

SiteLock's patent-pending 360-degree scan technology tests each input box on your website to ensure that they are not vulnerable to this type of attack. We verify the safety of each input box on your website by inserting code in the way hackers would. We do not read or collect any data, however. We use safe test procedures and code and if we discover a vulnerability in our testing, we report it to you immediately. Our Expert Services team can also help you remove these issues from your site.

What can I do about it?

Make sure any applications you use are kept up-to-date and limit the use of third-party plug-ins where possible as they can be a source of many issues and may be updated less frequently or created by unscrupulous publishers. Use a website scanning service that includes SQL injection scans, such as SiteLock. If you are writing your own code, be sure to validate your input fields for special characters and ensure you are checking for this type of hacking in your database procedures called from the website.

Knowledgebase Article 36,335 views bookmark tags: sitelock


Was this resource helpful?

Did this resolve your issue?


Please add any other comments or suggestions about this content:





Recommended Help Content

This article will explain what to do when SiteLock finds a vulnerability.
Knowledgebase Article 34,083 views tags: sitelock

This article will explain the benefits of SiteLock for small businesses.
Knowledgebase Article 55,304 views tags: sitelock

This article will explain the benefits of SiteLock in regards to application scanning.
Knowledgebase Article 31,924 views tags: sitelock

Related Help Content

This article will explain the benefits of SiteLock in regards to virus scanning.
Knowledgebase Article 35,272 views tags: sitelock

This article will explain the benefits of SiteLock in regards to reputation monitoring.
Knowledgebase Article 30,888 views tags: sitelock

This article will explain how and when to contact SiteLock for support.
Knowledgebase Article 67,475 views tags: security sitelock

This article will explain the benefits of SiteLock in regards to cross-site scripting (XSS).
Knowledgebase Article 38,575 views tags: sitelock

This article will explain how to install the SiteLock Trust Seal.
Knowledgebase Article 80,059 views tags: sitelock

This article will explain how to order SiteLock
Knowledgebase Article 65,424 views tags: security sitelock

This article will explain MySQL database and user creation and deletion, and explain how to assign a user to a database.
Knowledgebase Article 660,689 views tags: creation database mysql

An overview of SiteLock Lite
Knowledgebase Article 72,730 views tags: products security sitelock

This site utilizes JavaScript to function correctly. Looks like it's disabled on your browser. Please enable it for your best experience.

For instructions on enabling JavaScript, click here