We all know that our generation is growing more dependent on the internet day by day.
To serve these users, IT companies are launching plenty of web applications and trying
to attract them with the special features of their own applications.
With this revolution in web applications, one piece of news we hear very often is
“leak of personal information over the internet”. It could be credit card information,
a user name, a password or even your personal image.
The safety of web applications has now become one of the overheads for IT companies.
We can reduce it, or overcome it to a very large extent, by following these simple tips:
Update all software at regular intervals:
- Update your code with security fixes on a regular basis
- If you use third-party plugins, keep an eye on their update releases and apply each update to your application
- Remove all unused, old and non-updated third-party plugins.
Figure 1 : http://cdn.ttgtmedia.com/digitalguide/images/Misc/white_hat_hacker_cartoon.jpg
Develop a security layer for the application:
Develop a firewall for your application. It is the first door for any input coming
into the application, and it takes defensive action against any suspicious data.
The firewall should provide a solution for the following:
- Brute force attacks
- Scrubbing and filtering malicious requests
- A shield against injection flaws and cross-site scripting (maybe all of OWASP)
Shift to HTTPS:
HTTPS is used to handle sensitive information exchanged between a web application
and a web server. HTTPS adds an extra encryption layer, Transport Layer Security or
Secure Sockets Layer, which ensures that sensitive data are more secure over a network.
HTTPS is particularly used for online transaction applications. However, it should
also be adopted for applications that don’t deal with online transactions.
Figure 2: https://s-media-cachak0.pinimg.com/736x/c1/9b/b2/c19bb2394b737f0e0a10c7ffaf057d1e.jpg
Strong Password (most recommendable):
One of the most recommended ways to strengthen your password is to use a
‘Strong Password’. It is a very effective way to inhibit attacks like brute force or
dictionary attacks. Make sure that your password is a combination of special characters,
alphanumeric characters, and upper and lower case, and that it contains a minimum of
12 characters to protect against brute force.
Figure 3: https://goo.gl/VYjoqE
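A check for the password rule described above, as an added example that is not part of the original post: it enforces the 12-character minimum and the character mix, and also rejects passwords built on a common word, since the tip names dictionary attacks. The word list, the substitution table and the function names are assumptions of this example.

```python
import string

MIN_LENGTH = 12  # minimum length stated in the tip above

# Constructed sample list; a real deployment would load a large
# list of known breached or common passwords instead.
COMMON_PASSWORDS = {"password", "letmein", "qwerty", "welcome", "administrator"}

# Character substitutions undone before the dictionary comparison
# (an assumption of this example, not an exhaustive table).
LEET = str.maketrans({"@": "a", "4": "a", "3": "e", "1": "i", "!": "i",
                      "0": "o", "$": "s", "5": "s", "7": "t"})


def dictionary_core(password):
    """Reduce a password to the word it is built on.

    Lower-cases the input, drops a trailing run of digits and symbols
    (the usual "2024!!" padding) and undoes common substitutions.
    """
    trimmed = password.lower().rstrip(string.digits + string.punctuation)
    return trimmed.translate(LEET)


def check_password(password):
    """Return a list of rule violations; an empty list means it passes."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if not any(c.islower() for c in password):
        problems.append("no lower-case letter")
    if not any(c.isupper() for c in password):
        problems.append("no upper-case letter")
    if not any(c.isdigit() for c in password):
        problems.append("no digit")
    if not any(c in string.punctuation for c in password):
        problems.append("no special character")
    # A password can satisfy every composition rule and still be a
    # dictionary word with padding, so this check runs independently.
    if dictionary_core(password) in COMMON_PASSWORDS:
        problems.append("based on a common password")
    return problems


if __name__ == "__main__":
    for candidate in ("Summer2024", "Welcome@12345", "tR7#mQz9!vLp2x"):
        print(candidate, "->", check_password(candidate) or "ok")
```

The second sample passes the length and character-mix rules and is rejected only by the dictionary check, which is why the composition rule alone does not stop a dictionary attack.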
Change Password Regularly:
Two-Factor Authentication:
Install Security Plugins:
Always double check security configuration:
The infrastructure that supports a web application includes all the connectivity of
the database, firewall, devices, software, OS etc. All of these components need to be
securely configured and maintained. Never forget to cross-check all the security
configuration from the perspective of loopholes.
If required, there should be proper training to raise awareness of security loopholes. Prioritize security and privacy testing throughout all phases of development.
Perform Penetration testing:
Penetration testing must be performed for web applications that deal with sensitive
data. This testing is one of the proactive actions that should be taken to find
vulnerabilities before a hacker does.
To conclude
All of the above tips are meant to secure web applications from security breaches and
hackers. None of them is new, nor can they completely eliminate security breaches.
However, if we follow them there will be a great fight between hackers and the application.
Adopt the above tips to make our applications robust in terms of security and stop
being a soft target for malicious hackers.
Nice explanation, very helpful
Well explained Ravish, nice work
Such a NYC content and NYC explanation carry on ...