Top Keys to create a secure website

Download Top Keys to create a secure website

Post on 08-Aug-2015




1 download

Embed Size (px)


  1. 1. Keys To Create A SecureKeys To Create A Secure WebsiteWebsite
  2. 2. The NeedThe Need You may think your website haven't anything that is worth for anyone to be hacked but it is found that majority of security breaches are used to use your server to setup temporary server and use it as an email relay for Spam instead of stealing your data.
  3. 3. Key 1 :Key 1 : Upto Date SoftwareUpto Date Software It is obvious that one should have updated systems all the time but ensuring updates software up to date is somehow vital. This key applies for both servers, the operating system and the software you may running on web.
  4. 4. Key 2 :Key 2 : SQL injectionSQL injection Attacker often use SQL injection i.e. a URL parameter to manipulate database. When a standard SQL query is used, it is easy to amend accordingly and insert rogue code to change tables and get information. The key purpose is to use parameterized queries and it easy to implement for majority of web languages which is in use by most of the website design companies.
  5. 5. Key 3 :Key 3 : PasswordsPasswords Using a complex password is not always sufficient as much users not like to enforce them for requirement like length, use of special symbols and uppercase letters etc. Instead it should be save with encrypted values and salt the passwords for extra security.
  6. 6. Key 4 :Key 4 : SSLSSL SSL protocol is widely used to provide secure connections for communication over the Internet. Your personal information got hacked if medium of communication is not secure.
  7. 7. Key 5 :Key 5 : Web Security ToolsWeb Security Tools Once you have done with all your web development tasks, then it comes to check for your website security check. There are many on line free and paid tools available for this check which do provide you details result with low medium and high security alerts. Majority of CMSes has inbuilt security features.
  8. 8. Key 6 :Key 6 : Server Side/Form ValidationServer Side/Form Validation It is necessary to implement validation on browser side as well as server side. Malicious code or script can be inserted if failed to do so.
  9. 9. Key 7 :Key 7 : File UploadsFile Uploads It can be a big security risk if you allow users to upload files on your website. You can achieve secure file uploading by variety of methods but its more likely suggested that prevent direct access to those uploaded files together. In this way, the files are stored in a separate folder which is outside of the root folder.
  10. 10. Key 8 :Key 8 : Displaying Error MessagesDisplaying Error Messages You must be careful regarding the error messages you are displaying while any attempt on your website. Attacker can get user-name and password with an attack that when one of the fields get corrected. You should use general messages like "Incorrect User-name or Password" rather than to mention when a user got query corrected to some extent.
  11. 11. Get More Solutions The web application development company that offers endless oppurtunities for its clients.


View more >