Web site security measures

This 'web site security measures' article is supplied by Web Site Security, where you can find more information about web site security measures.

Web Site Security Concerns - An Understanding



It is unfortunate, but there are numerous ways in which website security can be jeopardised. For example, security dangers are ever present which impinge on Web servers and LANs (local area networks) where Web sites are hosted, even by the routine use of a Web browser.

Web Masters come under fire when handling the gravest challenges. As soon as a Web server is set up at a site, a window comes into being in the local area network through which anyone who is on the Internet can look. Obviously, nearly all web site visitors look at no more than what they are meant to look at, but just a few of them try to uncover elements of the site that are not meant to be evident to all and sundry. Dishonest visitors aim to do other than simply look; they endeavor to unlock the window and sneak in. The damage they may inflict might be mere vandalism, for instance replacing the website's home page with one of theirs which could say or display absolutely anything, or it could be robbery, such as stealing a customers or sales list.

It is hard to evade the probability that complicated software contains bugs. No matter how thoroughly it's tested, there does exist typically a certain pattern of events or user actions, even if it may be rare, that causes a fault. Software bugs cause gaps in system security. A Web server is complicated software which may quite easily contain a security gap.

It's not only the complexity of a Web server that may instigate a glitch, but also its open architecture. Consider a CGI script as an example. A CGI script may be run at the server in reply to a remote request from a client. It might be a request from an application or even the click of a button in a browser. If the CGI script contains a bug, there is a risk of a security breach.

Network Administrators also have to cope with problems from Web servers due to the threat they pose to the security of the local area network. While there should be no unauthorized intrusions, right of entry has to be granted to web site visitors. This means that access to the network should be controlled. The Administrator therefore has to perform a delicate balancing act. Even the most robust firewall can be compromised if the Web server is configured poorly. Concomitant with this constraint, normal use of the web site can be unachievable if the firewall is configured badly. Attaining an ideal answer is yet more complicated if an intranet exists as part of the system. Normally, the Web server in that case needs to be configured to identify and verify domains and user groups, which are liable to have differing permission levels and access rights.

Tip: For advice regarding a specialised viewpoint of website security, for instance "web site security measures", search for the full expression on the Web.

Almost everyone using a browser to surf the Net suppose that they are doing it namelessly and safely. This is not the case. Web browsers can run self-contained software on the user's computer that are located on a web site. Current browsers show a notice and request authorisation to run these kinds of programs. Known commonly as "active content", e.g., ActiveX controls or Java applets, these programs, if malicious, can easily install a virus or other hazardous software on the browser user's PC. After it's in the system it can cause all kinds of havoc and can be exceedingly stubborn to get rid of.

This is also a worry for Network Administrators. Web browsers provide a way for possibly malicious software to permeate all the way through the local area network's firewall. As soon as it is in the system, the harm it can inflict can range from clandestinely gaining possession of confidential information to willful demolition.

Besides the problems involving active content, just browsing the Web leaves a trail of the user's activities in the browser's history. This may be utilised by web sites and installed programs to create an accurate report of the user's behavior and preferences. Despite the fact that this might be thought of as an invasion of privacy by some people, it can be useful by offering related subject matter right away, thus exonerating the user of the job of trying to find it.

Confidentiality is an issue that concerns not just browser users but also Web Masters and Network Administrators for the duration of the actual transmission of data by means of the Net. TCP/IP (Transmission Control Protocol/Internet Protocol) is the fundamental language of communication for the Internet. When it was created, security wasn't the principal aspect of its design. Both network and Internet transmissions should therefore not be considered as automatically confidential. When the browser on a local machine downloads a private document from the remote Web server, or the browser user completes a form with private data and clicks the 'Submit' button, the transmitted information could be intercepted without authorization.

To find out more about 'web site security measures', visit website-security.biz.