<div>
Here's a sample diagram depicting my recommended approach.<br />
<br />
<a href="https://filedb.experts-exchange.com/incoming/2013/12_w49/690824/FwProxyWafDam.png" target="_blank" title="Recommended Approach (87 KB)"><img alt="Recommended Approach" class="file-block lazyload" style="max-width: 800px;" data-src="https://filedb.experts-exchange.com/incoming/2013/12_w49/800_690824/FwProxyWafDam.png" /></a>
</div>


Here's a sample diagram depicting my recommended approach.

Recommended Approachhttps://filedb.experts-exchange.com/incoming/2013/12_w49/690824/FwProxyWafDam.png

FwProxyWafDam.png

<div>
<div class="content wysiwyg-content">
Lately, an anonymous group has appeared in youtube <br />
to hack websites, possibly by altering the pages on<br />
the websites:<br />
&nbsp; <a href="http://www.youtube.com/watch?v=AJCU14M7PBU" rel="ugc">http://www.youtube.com/watch?v=AJCU14M7PBU</a><br />
<br />
I'll need to brainstorm for a list of preventive measures to<br />
pre-empt the above attacks.<br />
<br />
a) run vulnerability scan (Nessus) ?<br />
b) apply latest MS security patches ?<br />
<br />
Anything else?
</div>
</div>


Lately, an anonymous group has appeared in youtube 
to hack websites, possibly by altering the pages on
the websites:
  http://www.youtube.com/watch?v=AJCU14M7PBU

I'll need to brainstorm for a list of preventive measures to
pre-empt the above attacks.

a) run vulnerability scan (Nessus) ?
b) apply latest MS security patches ?

Anything else?

Measures against hacking of websites

A vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness, known as the attack surface. Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. Other vulnerabilities include security risks, security defects and constructs in programming languages that are difficult to use properly.

Vulnerabilities

Web applications are systems that run in browsers that perform functions normally associated with other client-based programs. One of the most commonly used web applications is email; instead of downloading individual emails to a local machine, the data is shown through a website. Other examples of web applications are collaborative systems like a wiki or an online game.

Web Applications

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.

Network Security

The cyber security specialization covers the fundamental concepts underlying the construction of secure systems, from the hardware to the software to the human-computer interface, with the use of cryptography to secure interactions. Cyber security refers to the protection of personal or organizational information or information resources from unauthorized access, attacks, theft, or data damage. This includes controlling physical access to the hardware, as well as protecting against the harm that may come via network access, data and code injection, and due to malpractice by operators, whether intentional, accidental, or due to them being tricked into deviating from secure procedures.