Website security covers the measures that restrict access to protected areas of your website and keep its users' data safe.
1.SQL injection: "SQL injection" is a subset of the unverified-user-input class of vulnerabilities; the idea is to convince the application to run SQL code that was not intended.
Consider this query:
- "SELECT * FROM table WHERE column = '" + parameter + "';"
If an attacker changes the URL parameter to pass in ' or '1'='1, the query becomes:
- "SELECT * FROM table WHERE column = '' OR '1'='1';"
Since '1' is always equal to '1', the WHERE clause matches every row, and the attacker can add an additional query to the end of the SQL statement, which will also be executed.
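The fix for the query above is to never build SQL text from user input: pass the value as a bound parameter so the database driver keeps it as data. The following is an added example (not code from the original post) that puts the page's concatenated query beside its parameterised form and runs both against a constructed in-memory SQLite table; the table name and rows are assumptions for the demonstration.

```python
import sqlite3


def build_db():
    # Constructed sample data: a small in-memory users table.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER, username TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [(1, "alice", "admin"), (2, "bob", "user"), (3, "carol", "user")],
    )
    return conn


def lookup_vulnerable(conn, username):
    # Mirrors the page's concatenated query: the input becomes part of the SQL text,
    # so a value containing a quote can change the statement's structure.
    sql = "SELECT username FROM users WHERE username = '" + username + "'"
    return [row[0] for row in conn.execute(sql)]


def lookup_safe(conn, username):
    # Parameterised query: the value is sent separately from the SQL text and is
    # compared literally, quotes and all. It can never alter the statement.
    sql = "SELECT username FROM users WHERE username = ?"
    return [row[0] for row in conn.execute(sql, (username,))]


if __name__ == "__main__":
    db = build_db()
    payload = "' OR '1'='1"
    print("concatenated:", lookup_vulnerable(db, payload))  # every row comes back
    print("parameterised:", lookup_safe(db, payload))       # no user has that name
```

With the page's input the concatenated version returns all three usernames, while the parameterised version returns nothing because it looks for a user literally named `' OR '1'='1`. Every mainstream driver and ORM exposes the same placeholder mechanism; string formatting should never be used to insert values into a query.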
2.XSS: Cross-site scripting is when an attacker passes JavaScript or other scripting code into a web form so that it runs in the browsers of visitors to your site. When creating a form, always check the data being submitted and encode or strip out any HTML before it is displayed.
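The safest of the two options the text gives is encoding: every untrusted value is escaped for the context it is placed in, so the browser renders it as text rather than markup. The following added example (not part of the original post) shows output encoding for HTML body text, tag stripping for fields where no markup is wanted, and the one case escaping alone does not cover, a URL placed in an `href` attribute, where the scheme must be allowlisted; the function names and the comment snippet are assumptions for the demonstration.

```python
import html
import re
from urllib.parse import urlparse


def render_comment(author, body):
    # Encode each untrusted value immediately before placing it in the HTML body.
    # html.escape turns < > & " ' into entities, so a submitted <script> tag is shown, not run.
    return "<p><b>{}</b>: {}</p>".format(
        html.escape(author, quote=True), html.escape(body, quote=True)
    )


def strip_tags(text):
    # Remove anything that looks like a tag. Use only where plain text is wanted;
    # prefer escaping for display, since stripping is easy to get subtly wrong.
    return re.sub(r"<[^>]*>", "", text)


def safe_href(url):
    # Escaping does not make a URL attribute safe: a javascript: URL contains no
    # HTML-special characters. Allow only http/https and escape the result.
    scheme = urlparse(url).scheme.lower()
    if scheme not in ("http", "https"):
        return "#"
    return html.escape(url, quote=True)


if __name__ == "__main__":
    # Constructed sample submission, as it might arrive from a comment form.
    print(render_comment("eve", "<script>alert(1)</script>"))
    print(strip_tags("<b>hello</b> world"))
    print(safe_href("javascript:alert(1)"))
    print(safe_href("https://example.com/?a=1&b=2"))
```

Template engines such as Jinja2 or Django templates do this encoding automatically when autoescaping is on; the point of the example is that encoding must happen at output time and must match the context (body text, attribute, URL), since a value that is safe in one is not necessarily safe in another.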
3. Error messages: Be careful how much information you give away in your error messages. Use generic messages like "Incorrect username or password" so you do not reveal when a user got half of the query right. If an attacker tries a brute-force attack to get a username and password and the error message gives away when one of the fields is correct, then the attacker knows one of the fields and can concentrate on the other.
4.Server-side validation/form validation:
Validation should always be done on both the browser and the server side. The browser can catch simple failures such as mandatory fields left empty or text entered into a numbers-only field.
*Validation methods
User's input can be validated on the server and on the client (web browser). Thus we have server-side and client-side validation.
*Server-side validation
In server-side validation, the information is sent to the server and validated using a server-side language. If validation fails, the response is sent back to the client, the page containing the web form is refreshed and feedback is shown. This method is secure because it works even if JavaScript is turned off in the browser and it cannot easily be bypassed by malicious users. On the other hand, users have to fill in the information without getting any response until they submit the form, which makes the form feel slow to respond.
*Client-side validation
Server-side validation is enough for successful and secure form validation. For a better user experience, however, you might consider adding client-side validation. This type of validation is done on the client using scripting languages such as JavaScript, which means user input can be validated as they type, giving more responsive, visually rich validation.
With client-side validation, the form is never submitted if validation fails. Validation is handled in JavaScript functions that you write (or within frameworks/plugins) and users get immediate feedback when validation fails. It is a convenience only: anyone can submit a request without the browser's script running, so the server must still check everything itself.
5.Passwords
Everyone knows they should use complex passwords, but that doesn't mean they always do. It is crucial to use strong passwords for your server and website admin area, but it is equally important to insist on good password practices for your users to protect the security of their accounts.
As much as users may not like it, enforcing password requirements such as a minimum of around eight characters, including an uppercase letter and a number, will help to protect their information in the long run.
Passwords should never be stored in a recoverable form; store them using a one-way password hashing algorithm, with a per-user salt, so that a leaked database does not reveal the passwords themselves.
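The following added example (not code from the original post) ties together three points from this page: the password policy just described, one-way hashing with a per-user salt, and the generic "Incorrect username or password" message from the error-messages section. It uses PBKDF2-HMAC-SHA256 from the standard library; the user store, function names and the dummy-hash technique for unknown usernames are assumptions for the demonstration.

```python
import hashlib
import hmac
import os
import re

GENERIC_ERROR = "Incorrect username or password"


def password_meets_policy(pw):
    # The page's policy: at least eight characters, with an uppercase letter and a digit.
    return (len(pw) >= 8
            and re.search(r"[A-Z]", pw) is not None
            and re.search(r"[0-9]", pw) is not None)


def hash_password(pw, salt=None, iterations=600_000):
    # One-way, salted, deliberately slow. The record stores everything needed to verify later.
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, iterations)
    return "pbkdf2_sha256${}${}${}".format(iterations, salt.hex(), digest.hex())


def verify_password(pw, stored):
    _algo, iterations, salt_hex, digest_hex = stored.split("$")
    digest = hashlib.pbkdf2_hmac("sha256", pw.encode(), bytes.fromhex(salt_hex), int(iterations))
    # Constant-time comparison so the check does not leak how many bytes matched.
    return hmac.compare_digest(digest.hex(), digest_hex)


def register(users, username, pw):
    # users is a constructed in-memory store: username -> hash record.
    if not password_meets_policy(pw):
        return False
    users[username] = hash_password(pw)
    return True


# Hash record for a throwaway password so that a login attempt with an unknown
# username still costs one PBKDF2 computation; otherwise the response time alone
# would reveal which usernames exist.
DUMMY_HASH = hash_password("dummy-placeholder-password")


def login(users, username, pw):
    stored = users.get(username, DUMMY_HASH)
    ok = verify_password(pw, stored) and username in users
    # Same message whether the username or the password was wrong.
    return (True, None) if ok else (False, GENERIC_ERROR)


if __name__ == "__main__":
    store = {}
    print(register(store, "alice", "Correct-Horse9"))   # True
    print(register(store, "bob", "weak"))               # False, fails policy
    print(login(store, "alice", "Correct-Horse9"))      # (True, None)
    print(login(store, "alice", "wrong-Pass1"))         # (False, GENERIC_ERROR)
    print(login(store, "mallory", "Correct-Horse9"))    # (False, GENERIC_ERROR)
```

Note that neither the wrong-password nor the unknown-user case can be told apart from the response, and that the stored record contains the iteration count so it can be raised for new passwords later without breaking existing ones. Where a dedicated library such as argon2 or bcrypt is available it is the better choice; the structure of the check stays the same.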
6.File uploads
Allowing users to upload files to your website can be a big security risk, even if it's simply to change their avatar. The risk is that any uploaded file could contain a script that, when executed on your server, completely opens up your website.
If you have a file upload form then you need to treat all files with great suspicion. If you are allowing users to upload images, you cannot rely on the file extension or the MIME type to verify that the file is an image, as these can easily be faked. Even opening the file and reading the header, or using functions to check the image size, is not foolproof. Most image formats allow a comment section that could contain PHP code, which the server could execute if the file is ever served as a script. The checks are still worth doing, but the real protection is to store uploads under a random name, outside the web root, in a location the web server will never execute.
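An upload check along the lines described above, as an added example that is not code from the original post. It requires the extension and the file's leading bytes to agree, refuses files carrying a PHP tag anywhere in the body (the comment-section case the text mentions), and generates the random storage name under which the file should be saved outside the web root. The accepted types, size limit and function names are assumptions for the demonstration.

```python
import secrets

# Constructed allowlist: leading bytes ("magic numbers") of the image types accepted.
MAGIC = {
    "png": (b"\x89PNG\r\n\x1a\n",),
    "jpg": (b"\xff\xd8\xff",),
    "gif": (b"GIF87a", b"GIF89a"),
}
ALLOWED_EXT = {"png", "jpg", "jpeg", "gif"}
MAX_BYTES = 2 * 1024 * 1024


def detect_type(data):
    # Identify the image type from its header rather than from the claimed extension or MIME type.
    for kind, signatures in MAGIC.items():
        if any(data.startswith(sig) for sig in signatures):
            return kind
    return None


def check_upload(filename, data):
    """Return (ok, detail): detail is the detected type on success, the reason on failure."""
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    if ext not in ALLOWED_EXT:
        return False, "extension not allowed"
    if len(data) > MAX_BYTES:
        return False, "file too large"
    kind = detect_type(data)
    if kind is None:
        return False, "not a recognised image"
    expected = "jpg" if ext == "jpeg" else ext
    if kind != expected:
        return False, "extension does not match content"
    # Header checks are not foolproof: a valid image can still carry script text in a
    # comment block, so reject anything containing a PHP open tag as a second layer.
    if b"<?php" in data:
        return False, "embedded script marker"
    return True, kind


def storage_name(kind):
    # Never keep the user's filename. A random name with a fixed extension, saved outside the
    # web root and served by a handler that never executes files, removes the code-execution risk.
    return secrets.token_hex(16) + "." + kind


if __name__ == "__main__":
    # Constructed sample uploads.
    png = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16
    print(check_upload("avatar.png", png), storage_name("png"))
    print(check_upload("avatar.png", b"GIF89a" + b"\x00" * 16))
    print(check_upload("avatar.php", png))
    print(check_upload("photo.jpg", b"\xff\xd8\xff\xfe" + b"<?php echo 1; ?>"))
```

The last check is a heuristic and the text is right that no content inspection can be relied on alone; what makes an uploaded file harmless is that it can never be reached as an executable script, which the random name and the no-execute storage location guarantee independently of what the file contains.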
7.Server security
Most hosting providers deal with the server configuration for you, but if you are hosting your website on your own server then there are a few things you will want to check.
Ensure you have a firewall set up and are blocking all non-essential ports. This might not be fully possible if you don't have access to your server from an internal network, as you would need to open ports to allow uploading files and to log in to your server remotely over SSH or RDP; in that case restrict those ports to the source addresses that need them.
8.SSL
SSL (today TLS) is a protocol used to provide security over the Internet. It is a good idea to use a security certificate whenever you are passing personal information between the browser and the web server, or between the web server and the database. Attackers could sniff for this information and, if the communication medium is not secure, capture it and use it to gain access to user accounts and personal data.