SQL injection protection... A different SQL tutorial


I know most of you now expect one of the standard tutorials that explain how someone SQL-injects your site so that you can figure out how to protect it. Well, it's not: this tutorial will only give you a couple of tips on how to stay protected. First, as a lot of you know, there are a lot of SQL injection scanners, ethical and not ethical, that scan Google for sites vulnerable to SQL injection. That brings us to the first thing you can do to protect yourself from those random-selection boys. Most of those scanners run their scans on so-called "Google dorks" like inurl:index.php?id= or inurl:index.asp?id= or similar. What none of them expect is a custom extension. For example, if your site is http://site.com/index.php?id=1, start your browser and find a tutorial somewhere on the internet on how to mask that, or check this site later; I will write one. Masking means that instead of php your site will be shown as site.com/index.mnm?id=1, or with some other name you choose. That way your site will not be "picked up" by those scanners, since none of the people who do mass injection scanning are interested in a unique example. They all scan for widely used types like php, asp, aspx, jsp and other common ones.
Now let's say some hacker stumbles on your site by accident and decides to check whether he can hack it. There are a couple of things you can do to prevent that from happening. The first thing you can do is fix your errors. The errors on your site should not give away any useful information beyond the fact that an error occurred; even better, make your site redirect to the index or some other page instead of showing an error. Next, if you own the server where the site is hosted, you can install mod_security 2 (ModSecurity) or a similar package, which will also protect you fairly well from blind SQL injection and from error-based, so-called normal, SQL injection. If you do not own the server and only have a small space on it for your site, you can install one of the IDS (intrusion detection system) tools; one of them, made by me, will be available here. Or simply make a couple of modifications in .htaccess.
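
The tips above (custom extension, quiet errors, .htaccess changes) put together as one `.htaccess` file; this is an added example, not the author's own file. It assumes Apache 2.4 with mod_php and mod_rewrite, a script renamed to `index.mnm`, and a numeric `id` parameter, and it goes slightly beyond the text by also rejecting non-numeric `id` values.

```apache
# .htaccess in the site's document root. Added example, not from the original
# tutorial. Assumptions: Apache 2.4 with mod_php and mod_rewrite, AllowOverride
# permitting these directives, and the script renamed from index.php to index.mnm.

# 1. Custom extension: run .mnm files through PHP so the URLs no longer match
#    dorks such as inurl:index.php?id=
AddHandler application/x-httpd-php .mnm
DirectoryIndex index.mnm

# 2. Errors: keep PHP and database messages out of the response and
#    write them to the server log instead.
php_flag display_errors off
php_flag display_startup_errors off
php_flag log_errors on

# 3. Errors: answer failed requests with the index page rather than a
#    descriptive server error page.
ErrorDocument 403 /index.mnm
ErrorDocument 404 /index.mnm
ErrorDocument 500 /index.mnm

# 4. Input check: "id" must be digits only. Anything else (quotes, spaces,
#    keywords, an empty value) gets 403, which step 3 turns into the index page.
#    QUERY_STRING is matched undecoded, so encoded characters such as %27
#    are rejected as well.
RewriteEngine On
RewriteCond %{QUERY_STRING} (?:^|&)id=(?!\d+(?:&|$)) [NC]
RewriteRule ^(index\.mnm)?$ - [F,L]
```

None of this repairs an injectable query: the code that reads `id` still has to pass it to the database as data, for example through a prepared statement.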
