Solved

Enhancing The Security of the Web Applications

Posted on 2004-04-24
5
369 Views
Last Modified: 2013-11-15
Hello, I am a (Web Application Developer) and I am asking about how to find a best guide or model that covering all security points from beging of developing till publishing. Please help me to enhance my web application secuirty by using standard way.
0
Comment
Question by:Rami_Science
  • 2
  • 2
5 Comments
 
LVL 5

Expert Comment

by:Droby10
ID: 10909286
there are a number of generic and detail-focused checklists/guides here: http://www.owasp.org/.

0
 
LVL 7

Expert Comment

by:shahrial
ID: 10917246
What kind of web development platform are you using? For specifics, please input more details...else see Droby10 comment.
 
0
 

Author Comment

by:Rami_Science
ID: 10926628
hi, Droby10 the OWASP site is so nice, but I'm just beginner in the security issues so I will take some time to check it out before accepting your answer.
0
 

Author Comment

by:Rami_Science
ID: 10926734
    hello, shahrial. Till now I'am using windows as system platform and ASP + VBScript + JavaScript as languages. I think realy I'am searching about references that give me a complete vision  about  making my web applications safe for my customers in intrnet/intranet networks.
Here some issues tell me what do you think and take me to the right track.

     * The confidentiality of the submitted information like (member's information, private numbers, credit cards, electronic checks and e-mails).
     * Some Issues below:
1.  Server-Side Script.
2.  Client-Side Script.
3.   DBMS.
4.   Web Server Software.
5.   Server Operating System.
6.   Administrator's, Author's, User's and Guest's Permissions.
7.   Browsers.
8.   Host issue.
9.   Using security software.
10. Passwords Protection.
11. The Web Policy.
12. Credit card proxy Systems.
13. SSL.
14. Server Side include file problem.
15. Distributed Denial of Services (DDoS) Attack.
16. Security Layers.
 
0
 
LVL 7

Accepted Solution

by:
shahrial earned 500 total points
ID: 10934502
1.  Server-Side Script. > http://www.w3.org/Security/Faq/wwwsf3.html
2.  Client-Side Script. > http://www.codeproject.com/aspnet/scriptgen.asp?msg=802619
3.   DBMS. > http://searchdatabase.techtarget.com/featuredTopic/0,290042,sid13_gci863539,00.html
4.   Web Server Software. > http://www.w3.org/Servers.html
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/webapp/iis/default.mspx
5.   Server Operating System. > http://www.microsoft.com/technet/prodtechnol/windowsserver2003/default.mspx
6.   Administrator's, Author's, User's and Guest's Permissions. ... these are OS specifics...see Server OS.
7.   Browsers. > http://www.theguardianangel.com/tutorials/browser_security_tutorials_summary.htm
8.   Host issue. ???
9.   Using security software. > http://www.alw.nih.gov/Security/prog-full.html
10. Passwords Protection. > http://www.nipc.gov/publications/nipcpub/password.htm
http://www.cert.org/tech_tips/passwd_file_protection.html
11. The Web Policy. > http://www.defenselink.mil/webmasters/
12. Credit card proxy Systems. > http://www.devshed.com/c/a/Administration/ScriptBased-Credit-Card-Interfaces/
13. SSL. > http://developer.netscape.com/tech/security/ssl/howitworks.html
14. Server Side include file problem. > http://www.freewebmasterhelp.com/tutorials/ssi
15. Distributed Denial of Services (DDoS) Attack. > http://www.denialinfo.com/
16. Security Layers. > http://www.findarticles.com/cf_dls/m0FOX/n15_v3/21168397/p1/article.jhtml

There are many sites and books to learn from the above topics...
Hope this helps...;-)

0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Knowing where your website is hosted is as important as the features you receive, the monthly fee, and the support you receive. Due diligence should be done when choosing your next hosting provider.
As cyber crime continues to grow in both numbers and sophistication, a troubling trend of optimization has emerged over the last year.
The viewer will learn how to successfully download and install the SARDU utility on Windows 7, without downloading adware.
XMind Plus helps organize all details/aspects of any project from large to small in an orderly and concise manner. If you are working on a complex project, use this micro tutorial to show you how to make a basic flow chart. The software is free when…

791 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question