Orange.Portal has protection from different types of attacks:
- SQL Injection
- All queries processed through queries object model that escapes suspicious characters in queries automatically.
- There are different types of safe data formatting.
- Default form constructor contains finction for adding special code for sessions protection.
- This type of attacks is difficult to withstand, but there are two ways to minimize consequences. You can enable file caching and memcache. In that case system will work without connection to database for most of requests.