You are here:
Home > Websoft Blog > How To Secure Your Website: Website Security Checklist
How To Secure Your Website: Website Security Checklist
Tuesday, 15 December 2009 10:28
With the increasing number of hackers out there, you will be surprised to know that even today, almost 70% of total websites on the Internet are unprotected. There are a lot of basic security features for your website, that you should implement, to keep your website secure.Website security is very important because if your website is not secure, your company data and files can be easily modified or deleted without your knowledge. Most importantly, your website has access to customer identities and their credit card information. Without proper security, this information can be easily leaked out, causing loss worth millions of dollars.Unfortunately, many website owners overlook these things. Some basic security features are:

Encrypted Login Pages

There are a number of websites that do not encrypt the login pages, but rather, just uses SSL after user authentication. This makes the system vulnerable to hackers, even if the login page POSTs to an encrypted source.

Encrypted Connections

If your website is using unencrypted or weakly encrypted connections, you are very vulnerable to attacks such as password sniffing and man-in-the-middle attacks. It is a good idea to use encrypted protocols, like SSH for secure resources, because if anyone breaks into the system, and acquires your login information, he will have all rights on your system.

Server side Data Validation

Some web forms make use of JavaScript validation. This is not of much significance to the security, as hacker can easily manipulate the system, by simply deactivating the JavaScript option from the browser, or selecting a browser, which is not Javascript enabled. If the password validation is done client side, viewing the source of the page can easily break the password. The users can also alter the form in a way that it always shows successful login. To protect your site from these threats, it is always good to go for server side data validation.

Connect from a secured network

Connect only from those networks that are having strong security features, and avoid the ones with doubtful or poor security.

Login identification

Do not share your login details with others, and this applies not just for you, but also for your clients. When they share their login credentials, their information becomes vulnerable, which is harmful to the entire system

Keep a backup

It is always a good idea to keep a backup. Although it increases redundancy, yet it provides security in case of a crash.

PCI scanning

A PCI (Payment Card Identity) scanning makes sure that all the IP addresses linked to your website are scanned regularly. It will make sure that the incoming and outgoing traffic to your website is safe.

Trust Seals

A trust seal is a sign to your customers that your website is protected. Although, this depends upon the customer’s perspective, if his faith is built using these seals or not.

There are lot more ways for securing your website, but some of the common ones are discussed here. It is always good to invest a little in security, when security breaches can result in heavy losses.


Websoft Written on Tuesday, 15 December 2009 10:28 by Websoft

Viewed 4056 times so far.
blog comments powered by Disqus

 

Stay in Touch

Centre of Commerce, One Bay Street, 4th Floor, Nassau, Bahamas
Tel: +1 242 676 2728  |  +1 347 983 7540
Websoft E-Business Solutions Suite 17949 Lower Ground Floor
145-157 St John Street London EC1V 4PW +44 203 129 8148
© Websoft E-Business Solutions 2017. All rights reserved.