Malicious practices such as SQL
injection can be executed by users with
ill intent yet with only primitive
knowledge of web development as a
whole. Scripts can be used to exploit
websites by granting unauthorized
access to malicious users that try to
collect information such as email
addresses, passwords and protected
content like credit card numbers.
Some of this is dependent on the server
environment (most commonly Apache
or Microsoft IIS ) on which the scripting
language, such as PHP , Ruby , Python,
Perl or ASP is running, and therefore is
not necessarily down to the web
developer themselves to maintain.
However, stringent testing of web
applications before public release is
encouraged to prevent such exploits
from occurring. If some contact form is
provided in a website it should include
a captcha field in it which prevents
computer programs from automatically
filling forms and also mail spamming.
Keeping a web server safe from
intrusion is often called Server Port
Hardening . Many technologies come
into play to keep information on the
internet safe when it is transmitted
from one location to another. For
instance TLS certificates (or "SSL
certificates") are issued by certificate
authorities to help prevent internet
fraud . Many developers often employ
different forms of encryption when
transmitting and storing sensitive
information. A basic understanding of
information technology security
concerns is often part of a web
developer's knowledge.
Because new security holes are found
in web applications even after testing
and launch, security patch updates are
frequent for widely used applications. It
is often the job of web developers to
keep applications up to date as security
patches are released and new security
concerns are discovered.
No comments:
Post a Comment