Security issues

[pidupuis]

• Use HTTPS browsing to prevent MITM attacks
• Generate an SSL certificate
• Protect forms against automated attacks
• Protect password reset form against email spamming
• Create dedicated error pages to hide technical details
• Add Secure attribute to session cookies
• Secure image url input to prevent XSS, phishing and malicious file upload
• Restrict ping and scan to your own monitoring engines