Solved

Enhancing The Security of the Web Applications

Posted on 2004-04-24
5
376 Views
Last Modified: 2013-11-15
Hello, I am a (Web Application Developer) and I am asking about how to find a best guide or model that covering all security points from beging of developing till publishing. Please help me to enhance my web application secuirty by using standard way.
0
Comment
Question by:Rami_Science
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 5

Expert Comment

by:Droby10
ID: 10909286
there are a number of generic and detail-focused checklists/guides here: http://www.owasp.org/.

0
 
LVL 7

Expert Comment

by:shahrial
ID: 10917246
What kind of web development platform are you using? For specifics, please input more details...else see Droby10 comment.
 
0
 

Author Comment

by:Rami_Science
ID: 10926628
hi, Droby10 the OWASP site is so nice, but I'm just beginner in the security issues so I will take some time to check it out before accepting your answer.
0
 

Author Comment

by:Rami_Science
ID: 10926734
    hello, shahrial. Till now I'am using windows as system platform and ASP + VBScript + JavaScript as languages. I think realy I'am searching about references that give me a complete vision  about  making my web applications safe for my customers in intrnet/intranet networks.
Here some issues tell me what do you think and take me to the right track.

     * The confidentiality of the submitted information like (member's information, private numbers, credit cards, electronic checks and e-mails).
     * Some Issues below:
1.  Server-Side Script.
2.  Client-Side Script.
3.   DBMS.
4.   Web Server Software.
5.   Server Operating System.
6.   Administrator's, Author's, User's and Guest's Permissions.
7.   Browsers.
8.   Host issue.
9.   Using security software.
10. Passwords Protection.
11. The Web Policy.
12. Credit card proxy Systems.
13. SSL.
14. Server Side include file problem.
15. Distributed Denial of Services (DDoS) Attack.
16. Security Layers.
 
0
 
LVL 7

Accepted Solution

by:
shahrial earned 500 total points
ID: 10934502
1.  Server-Side Script. > http://www.w3.org/Security/Faq/wwwsf3.html
2.  Client-Side Script. > http://www.codeproject.com/aspnet/scriptgen.asp?msg=802619
3.   DBMS. > http://searchdatabase.techtarget.com/featuredTopic/0,290042,sid13_gci863539,00.html
4.   Web Server Software. > http://www.w3.org/Servers.html
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/webapp/iis/default.mspx
5.   Server Operating System. > http://www.microsoft.com/technet/prodtechnol/windowsserver2003/default.mspx
6.   Administrator's, Author's, User's and Guest's Permissions. ... these are OS specifics...see Server OS.
7.   Browsers. > http://www.theguardianangel.com/tutorials/browser_security_tutorials_summary.htm
8.   Host issue. ???
9.   Using security software. > http://www.alw.nih.gov/Security/prog-full.html
10. Passwords Protection. > http://www.nipc.gov/publications/nipcpub/password.htm
http://www.cert.org/tech_tips/passwd_file_protection.html
11. The Web Policy. > http://www.defenselink.mil/webmasters/
12. Credit card proxy Systems. > http://www.devshed.com/c/a/Administration/ScriptBased-Credit-Card-Interfaces/
13. SSL. > http://developer.netscape.com/tech/security/ssl/howitworks.html
14. Server Side include file problem. > http://www.freewebmasterhelp.com/tutorials/ssi
15. Distributed Denial of Services (DDoS) Attack. > http://www.denialinfo.com/
16. Security Layers. > http://www.findarticles.com/cf_dls/m0FOX/n15_v3/21168397/p1/article.jhtml

There are many sites and books to learn from the above topics...
Hope this helps...;-)

0

Featured Post

Major Incident Management Communications

Major incidents and IT service outages cost companies millions. Often the solution to minimizing damage is automated communication. Find out more in our Major Incident Management Communications infographic.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There's a lot of hype surrounding blockchain technology. Here's how it works and some of the novel ways it' s now being used - including for data protection.
This article was originally published on Monitis Blog, you can check it here . If you have responsibility for software in production, I bet you’d like to know more about it. I don’t mean that you’d like an extra peek into the bowels of the sourc…
Video by: Tony
This video teaches viewers how to export a project from Adobe Premiere Pro and the various file types involved.
An overview on how to enroll an hourly employee into the employee database and how to give them access into the clock in terminal.

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question