Enhancing Web Security: A Comprehensive Approach to Detect and Prevent SQL Injection Attacks through Innovative Query Comparison and Encryption Algorithms

In the modern world, web apps are now essential to meeting the daily needs of every company. Databases are used by these applications to store, organize, retrieve, and process data and information. The bulk of its attacks are therefore focused on databases. The frequency of website attacks and the compromise of people's private data are rapidly rising. Since the advent of social networking and e-commerce, web security has gained popularity due to the prevalence of assaults like spam and phishing. For this reason, web applications must be securely designed to prevent unauthorized access to customer databases, bank accounts and transactions are not intercepted, and information is not destroyed or stolen. This paper presents a novel algorithm for website attacks that also stops hackers from gaining early access to databases through the web application without actually accessing the databases. The suggested algorithm uses prevention techniques, blocks the hacker's address, rejects the hacker's request when the query is executed, and updates security often to prevent unauthorized access to the web application. To ensure that everything is adequately safeguarded, this algorithm is also made to operate in many layers, working at the URL and web application levels. Research was conducted to enhance web software security, and a defense system that guards against SQL Injection was created. The developed software creates a protection mechanism using PHP, JavaScript, and regular expression, a formal language theory. This solution gives users a way to secure their web applications from potential attacks by defending against SQL Injection vulnerabilities in web resources.