A secure website is always essential ingredient of peace of mind for both web-master and the end user.These days hundreds of website come alive on the Internet because of high competition and web hosting that comes with cheap price tag.But, what people do not understand is value of hack-proof website.Recently, according to a survey conducted by PricewaterhouseCoopers in the year 2009, companies are reducing their security related costs primarily due to recession.But, the number no. of victims is growing without any hurdle.This clearly indicates immense need for security.This post describes few most basic yet powerful ways to curb any hazard to your websites.
1)Vulnerability Assessment
A vulnerability scanner is a tool that searches and maps a system or network for different possible weakness and report it with feedback for the use of administrator.They can give you possible web application vulnerabilities like sql injection, XSS and firewall security breach.Nikto is a very useful open source scanner and also you can use Acunetix Web Vulnerability scanner.
2)Penetration Testing
This is part of security testing in which a deliberate and simulated attack is carried out to circumvent security of a system.This is a must to be deployed step for commercial websites.Security can not be full-proof, as secured wordpress web hosting can be compromised with c99 madshell script written in php.
3)Web Application Firewalls
Web application firewalls are essential for larger and advanced websites as these can not be affordable by everyone.These firewalls are specifically designed for fine tuning web application by keeping a check on HTTP traffic and data leakage by residing in between client and server.
4)Client Security Tools
A web-master can do everything from his part to secure a server.But, risk management has to be one of the most important priority.One can never predict about security in the future.So, clients have to advised by web-masters to use some of browser security tool to save themselves from any loss.Such a tool can be XSS me FireFox add on or Internet Explorer 8's in built XSS filter.
5)Application Whitelists
It is a policy that is employed by administrators to document congiguration pf applications put in the whitelist.This way they can detect any unauthorized changes to the server environment.
These are the five ways to put a secured website on the Internet.But, all these are not affordable by everyone.You must be aware of Internet mobs.While choosing a CMS for your website go for something that gets updated quickly with larger user base like Joomla, Nuke, drupal web hosting etc.
1)Vulnerability Assessment
A vulnerability scanner is a tool that searches and maps a system or network for different possible weakness and report it with feedback for the use of administrator.They can give you possible web application vulnerabilities like sql injection, XSS and firewall security breach.Nikto is a very useful open source scanner and also you can use Acunetix Web Vulnerability scanner.
2)Penetration Testing
This is part of security testing in which a deliberate and simulated attack is carried out to circumvent security of a system.This is a must to be deployed step for commercial websites.Security can not be full-proof, as secured wordpress web hosting can be compromised with c99 madshell script written in php.
3)Web Application Firewalls
Web application firewalls are essential for larger and advanced websites as these can not be affordable by everyone.These firewalls are specifically designed for fine tuning web application by keeping a check on HTTP traffic and data leakage by residing in between client and server.
4)Client Security Tools
A web-master can do everything from his part to secure a server.But, risk management has to be one of the most important priority.One can never predict about security in the future.So, clients have to advised by web-masters to use some of browser security tool to save themselves from any loss.Such a tool can be XSS me FireFox add on or Internet Explorer 8's in built XSS filter.
5)Application Whitelists
It is a policy that is employed by administrators to document congiguration pf applications put in the whitelist.This way they can detect any unauthorized changes to the server environment.
These are the five ways to put a secured website on the Internet.But, all these are not affordable by everyone.You must be aware of Internet mobs.While choosing a CMS for your website go for something that gets updated quickly with larger user base like Joomla, Nuke, drupal web hosting etc.
EmoticonEmoticon