The Latest in IT Security

It is seen that more and more people are creating Web sites to market their products.
Definitely having your own Web site will help in getting more customers purchasing your products.

But unfortunately along with the customers, hackers too are attracted towards the Web sites. If you have not taken enough care to protect your site, then there are chances of your Web site getting compromised. Once a site is compromised the hacker can change the content of the site by adding new pages or modifying the existing page content. Motive behind this may be to host phishing content, so as to trick users to provide personal and financial details or to infect visitors of the Web site with Trojan, Backdoors etc.

The following figure shows the status of the Web sites being hacked during Jan-2011 to Sep-2011.

For more information about the Web sites being hacked, visit: http://www.cert-in.org.in/

We recommend you to follow these measures to minimize attack on your Web sites:

– Fields such as page headers, cookies, query string etc. should be properly validated.

– Always try to keep all the files up to date, immediately remove any unnecessary files.

– Use robots.txt file to avoid indexing of directories.

– Make sure that your webserver doesn’t allow any directory listing.

– User logins and their passwords should be properly managed and must be updated regularly .

– Your webserver should always be properly patched, and all the software applications you are using must be latest and updated.

– Deployment of Web application security scanner can also help in minimizing the risk.

– Last but not the least always keep on changing the passwords you use for connecting to your Web site. Also make sure that the password you use is a good combination of alphanumeric and special characters and avoid using weak passwords.