Security for your website

Forum Moderators: mack

Message Too Old, No Replies

Security for your website

There is no security forum

Bucephalus

12:17 pm on Dec 7, 2009 (gmt 0)

hi
I'm new to web development and i'm afraid that if I develop a site it isn't going to be secure. Particularly if I build someone else a site or make an ecommerce site. So how do I arm myself with web security know-how? There doesn't seem to be a forum on here focused on security, are there any other good websites on this topic, or books or good courses that can be taken to get up to speed on this aspect on websites?

regards
Bucephalus

rocknbil

5:42 pm on Dec 7, 2009 (gmt 0)

Welcome aboard Bucephalus, you won't find an all-encompassing "secure your site" set of rules as it all depends on the environment, the technologies you're using, and many other factors. Some security issues relate to server configuration, others to programming.

Also the ones who would hack your site read these boards too, 'nuff said about that . . .

There is, however, tons of info here. In respect to coding up your applications, try some G searches in the format [keywords] site:webmasterworld.com. Here's a couple:

mysql injection [google.com]

XSS [google.com] (also try Cross Site Scripting)

Form abuse [google.com] and email injection [google.com]

site security [google.com]

You'll get lost for hours . . . tons of info here. :-)

If there is one bit of advice that goes largely ignored, it is this: every user input is a potential hack. - Selena Sol Learn to filter your input, throw away everything you don't want, and it's a good start.

Bucephalus

1:48 pm on Dec 8, 2009 (gmt 0)

Thanks for the response Rocknbil.
That's very helpful.