Remote File Inclusions Pose Threat to Web Server Security

A common capability on many Web server and content management platforms is the ability to perform Remote File Inclusions (RFIs), which allow users to simply upload an image or a file. Yet RFIs might well be the most pervasive threat on the Web today, according to new research published by cloud security firm Incapsula.

Incapsula examined some 500 million Web sessions to its service over a six-month period and found that 25 percent of them were at risk from an RFI-based attack vector.