Web site security issues

This 'web site security issues' article is supplied by Web Site Security, where you can find more information about web site security issues.

Evaluation of Website Security Concerns



An unfortunate fact is that there are lots of ways in which website security can be undermined. Security dangers are ever present which can have an effect on Web servers and LANs (local area networks) where Websites are hosted, even by the conventional use of a Web browser.

Web Masters shoulder the responsibility when handling the most dangerous threats. As soon as a Web server is installed at a site, a porthole is constructed in the local area network through which anyone on the Internet can peek. Naturally, nearly all web site visitors see only what they're supposed to look at, but a small number try to discover areas of the site which are not meant to be detectable by all and sundry. Dishonest visitors wish to go further than only look; they endeavor to open the window and creep inside. The harm they may inflict might be mere vandalism, for instance replacing the website's home page with theirs which might say or display absolutely anything at all, or else it could be burglary, such as appropriating a customers or sales list.

It is hard to avoid the likelihood that intricate computer software contains bugs. No matter how systematically it is tested, there exists as a rule a particular permutation of events or user actions, even though it might appear rarely, which brings about a fault. Software bugs cause gaps in system security. A Web server is complicated software that may very possibly contain a security gap.

It's not just the complexity of a Web server that may cause a glitch, but also its open architecture. Consider a CGI script as a case in point. A CGI script can be executed at the server in reply to a remote call from a client. This might be a request from an application or even the click of a button in a browser. If the CGI script includes a bug, there could be a risk of a security violation.

Network Administrators also have to take on problems from Web servers because of the risk they pose to the security of the local area network. While there must be no unauthorised intrusions, admittance must be given to web site visitors. This means that access to the network has to be controlled. The Administrator therefore must perform a delicate balancing act. Even the most robust firewall can be breached if the Web server is configured badly. Bearing that in mind, normal use of the web site can be unattainable if the firewall is configured badly. Finding an ideal resolution is still more tricky if an intranet exists as part of the system. Typically, the Web server then has to be configured to distinguish and authenticate domains and user groups, which are liable to have varying permission levels and access rights.

Tip: For ideas as regards a special feature of website security, like "web site security issues", search for the full expression on the Web.

Almost everyone using a browser to surf the Internet believe that they're doing so namelessly and securely. It is not so. Web browsers are able to run self-contained software programs on the local machine that are resident on a website. Current browsers show a caution and ask consent to run those programs. Known generally as "active content", e.g., ActiveX controls or Java applets, these programs, if malicious, could easily deposit a virus or other hazardous software on the browser user's PC. When it's in the system it can wreak all kinds of damage and may be very awkward to eliminate.

This is also a worry for Network Administrators. Web browsers offer a path for possibly malicious software to seep all the way through the local area network's firewall. After it is in the network, the harm it can inflict can go from covertly appropriating private data to gratuitous carnage.

Aside from the matters in re active content, merely surfing the Internet records a trail of the user's activities in the browser's history. This might be utilised by web sites and installed software to ascertain an exact profile of the user's behavior and interests. Though this might be frowned upon as an invasion of privacy by some, it can be advantageous by showing related subject matter straight away, so unburdening the user of the task of trying to find it.

Privacy is a question which concerns not just browser users but also Web Masters and Network Administrators during the actual transmission of information by means of the Internet. TCP/IP (Transmission Control Protocol/Internet Protocol) is the fundamental language of communication for the Internet. When it was formed, security wasn't the most important feature of its blueprint. Both network and Internet transmissions should therefore not be considered as essentially private. Every time the browser on a local PC downloads a confidential file from the remote Web server, or the browser user fills out a form with personal information and clicks the 'Submit' button, the transmitted data may be intercepted without authorization.

To find out more about 'web site security issues', visit website-security.biz.