Web site security options

This 'web site security options' article is supplied by Web Site Security, where you can find more information about web site security options.

An Overview of Web Site Security Issues



It's unfortunate, but there are numerous ways in which web site security can be endangered. Security dangers are ever present which can have an effect on Web servers and LANs (local area networks) where Web sites reside, even by the ordinary use of a Web browser.

Web Masters are in the front line when handling the major challenges. As soon as a Web server is set up at a site, a window appears in the local area network through which anyone on the Internet can peek. Certainly, most web site visitors look at no more than what they're meant to look at, but a handful of them try to locate elements of the site which are not meant to be visible to all and sundry. Nefarious visitors would like to go further than simply look; they make an attempt to unlock the window and slip through it. The harm intruders may inflict might be mere vandalism, for example substituting the website's home page with theirs which could say or put on view anything, or it could be theft, such as gaining possession of a customers or sales database.

It is difficult to elude the virtual certainty that complicated software contains bugs. Regardless of how comprehensively it is tested, there is by and large a certain pattern of events or user actions, even if it might arise on the odd occasion, which creates a fault. Computer software bugs cause gaps in system security. A Web server is intricate software which can quite probably include a security weakness.

It is not only the complexity of a Web server which can trigger a glitch, but also its open architecture. Consider a CGI script as a case in point. A CGI script may be processed at the server in response to a remote call from a client. It might be a request from an application or even the click of a button in a browser. If the CGI script contains a bug, there is a danger of a security violation.

Network Administrators also have to tackle problems from Web servers on account of the danger they pose to the security of the local area network. Whereas there should be no unauthorised incursions, access has to be granted to web site visitors. This means that access to the network must be controlled. The Administrator therefore must perform a delicate balancing act. Even the most sturdy firewall can be breached if the Web server is configured badly. Concomitant with this constraint, normal use of the website may be unachievable if the firewall is configured badly. Finding a model answer is still more difficult if an intranet is part of the system. Commonly, the Web server then needs to be configured to identify and validate domains and user groups, which are liable to have varying permission levels and access rights.

Suggestion: For ideas about an individual side of website security, like "web site security options", search for the complete expression on the Net.

Almost all people using a browser to surf the Web trust that they are doing so anonymously and safely. This is not so. Web browsers may run self-contained software programs on the user's machine that are hosted by a web site. Modern browsers show a caution and ask authorisation to execute such programs. Identified commonly as "active content", e.g., ActiveX controls or Java applets, these programs, if malicious, can easily leave a virus or other hazardous software on the browser user's computer. As soon as it is in the system it can wreak all kinds of havoc and may be very hard to delete.

This is also a worry for Network Administrators. Web browsers afford a route for potentially malicious software to seep through the local area network's firewall. After it is in the network, the damage it could cause can vary from clandestinely stealing sensitive information to wilful spoliation.

Apart from the matters to do with active content, merely surfing the Net records a trail of the user's activities in the browser's history. This might be used by web sites and installed software programs to create an exact profile of the user's behavior and interests. Though this may be thought of as an invasion of privacy by some people, it can be useful by showing applicable subject matter instantly, so relieving the user of the job of looking for it.

Secrecy is an issue which worries not only browser users but also Web Masters and Network Administrators in the actual transmission of data by means of the Net. TCP/IP (Transmission Control Protocol/Internet Protocol) is the fundamental language of communication for the Internet. When it was created, security wasn't the most important feature of its design. Both network and Internet transmissions should therefore not be thought of as as automatically private. Any time the browser on a local PC downloads a private file from the remote Web server, or the browser user fills in a form with confidential information and clicks the 'Submit' button, the transmitted information may be intercepted without consent.

To find out more about 'web site security options', visit website-security.biz.