1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Basic Questions About Online Security

Discussion in 'Security' started by jawinn, Jun 3, 2007.

  1. #1
    A am totally new to the issue of designing sites with login and password security. I am about to launch a few new projects with security concerns. My questions are:

    How big of an issue is it for sites with sensitive information to be hacked and the information stolen?

    The sites will host information like people's names and addresses. Where do you guys draw the line on what data you will and will not host in an online database?

    Lastly is there any good info out there on this subject such as best practices?

    thx,
    SEMrush
     
    jawinn, Jun 3, 2007 IP
    SEMrush
  2. damonp

    damonp Peon

    Messages:
    97
    Likes Received:
    2
    Best Answers:
    0
    Trophy Points:
    0
    #2
    How big of an issue is it that your house could get burglarized? You could leave your doors unlocked all year long and nothing happen or you could lock the door and pop in to the coffee shop for a quick latte and return to find everything gone.

    In most websites it is unlikely you will be hacked similar to your house. There are factors that can increase your visibility and make you more of a target. Things such as anything for the younger generations... video games, skateboarding, myspace etc.

    Just as I'm sure you lock your doors every time you leave your house, you need some basic security practices in place on your webserver and web applications.

    Never host sensitive info like SSN or credit card numbers on a shared host. Not only must you be worried about your own security practices but those of every other domain and account on the same server you are on. Many times I see sites broken in to stemming from an attack on another site on the server which gives them root access to EVERY domain on the server.

    http://www.google.com/search?q=web+security+best+practices
    http://freenetdocs.com/blog/2007/06/04/pcmag-web-server-security-best-practices/
     
    damonp, Jun 6, 2007 IP
    jawinn likes this.
  3. hans

    hans Well-Known Member

    Messages:
    2,924
    Likes Received:
    126
    Best Answers:
    1
    Trophy Points:
    173
    #3
    on a global level the average is about 1 hacker per day per server

    keep that in mind in all you do online

    i had my first hackers the very first day of my server when i still was on IP

    hackers are successful because most hackers invest more time, efforts and money in learning to hack than most webmasters learn about being web-MASTER for their server.

    avoid password login for admin,
    use strictly server key auth for your own login
    avoid login when ever possible
    avoid fancy SW
    avoid SW with unsolved security issues
     
    hans, Jun 25, 2007 IP
    jawinn likes this.