Website security features

This 'website security features' article is supplied by Web Site Security, where you can find more information about website security features.

Website Security Considerations - An Overview



Alas, there are various ways in which web site security can be jeopardised. For example, security hazards exist which have an effect on Web servers and LANs (local area networks) on which Web sites reside, even by the regular use of a Web browser.

Web Masters are in the front line when coping with the critical challenges. As soon as a Web server is installed at a site, a porthole is established in the local area network through which anyone who is on the Internet can look. Certainly, as a rule web site visitors look at no more than what they are supposed to see, but a minority attempt to find elements of the site that aren't meant to be visible to all and sundry. Fraudulent visitors mean to go further than merely look; they attempt to undo the window and creep through. The harm intruders may inflict might be sheer vandalism, like substituting the website's home page with one of theirs which might say or put on view anything, or it might be larceny, such as stealing a customers or sales database.

It is hard to escape the virtual certainty that complicated software contains bugs. Regardless of how thoroughly it's tested, there is usually some permutation of events or user actions, while it may be infrequent, that creates an error. Computer software bugs produce breaches in system security. A Web server is complicated software that may very likely include a security flaw.

It's not merely the complexity of a Web server that may cause a problem, but also its open architecture. Think about a CGI script as an illustration. A CGI script can be run at the server in answer to a remote call from a client. It could be a request from a program or even the click of a button in a browser. If the CGI script contains a bug, there's a possibility of a security violation.

Network Administrators also have to cope with problems from Web servers owing to the danger they pose to the security of the local area network. Whereas there should be no unauthorised intrusions, admittance has to be granted to website visitors. This means that access to the network has to be regulated. The Administrator therefore has to perform a delicate balancing act. Even the most sturdy firewall may be breached if the Web server is configured poorly. Concomitant with this constraint, normal use of the website can be not viable if the firewall is configured badly. Arriving at a model answer is yet more tricky if an intranet forms an element of the system. Normally, the Web server then must be configured to recognize and authenticate domains and user groups, which are apt to have varying permission levels and access privileges.

Suggestion: For information on a specific feature of website security, for example "website security features", look for the full phrase on the Web.

Most of the people using a browser to surf the Internet suppose that they're doing so incognito and in safety. It is not the case. Web browsers may run autonomous programs on the user's machine which are located on a web site. Current browsers display a notice and request consent to run those programs. Known generally as "active content", e.g., ActiveX controls or Java applets, these programs, if malicious, may easily deposit a virus or other dangerous software on the browser user's machine. When it's in the system it can wreak all kinds of catastrophe and may be very problematical to eradicate.

This is also a worry for Network Administrators. Web browsers offer a route for potentially malicious software to filter through the local area network's firewall. When it is in the system, the damage it can cause can stretch from covertly gaining possession of sensitive information to gratuitous destruction.

Apart from the matters to do with active content, merely browsing the Web records a trail of the user's activities in the browser's history. This could be utilised by web sites and installed software programs to ascertain an exact report of the user's behavior and preferences. Despite the fact that this may be frowned upon as an invasion of privacy by some, it can be helpful by showing applicable subject matter directly, thus relieving the user of the job of trying to find it.

Confidentiality is a question that worries not just browser users but also Web Masters and Network Administrators in the actual transmission of information via the Net. TCP/IP (Transmission Control Protocol/Internet Protocol) is the fundamental language of communication for the Net. When it was created, security wasn't the principal aspect of its blueprint. Both network and Internet transmissions should therefore not be thought of as as essentially confidential. Whenever the browser on a local computer downloads a private file from the remote Web server, or the browser user fills in a form with private data and clicks the 'Submit' button, the transmitted information may be intercepted without consent.

To find out more about 'website security features', visit website-security.biz.