Thursday, 10 December 2015

SECURITY to make your website more secure!!


Before discussing how to secure your website, let us quickly review what testing is, what a website is, and what security testing is.


A website is a collection of web pages that are continuously accessed over the internet.


Website testing is a type of testing in which test cases or test plans are executed in order to check web applications.

In website development, security is the main concern and really needs attention. If your website is not properly secured, any unauthorized person can easily steal the private information or confidential data of any user, which can lead to severe harm. Therefore, security testing is the most important part of web development.


Security testing is a kind of testing in which various static and dynamic analyses are performed and different test cases are planned and executed in order to find out whether the client’s website is fully secure or not.


There are a number of ways in which a person can illegally harm a website. Some of them are:
  • URL manipulation
  • SQL injection
  • Cross-site scripting
  • Password manipulation


  • The HTTP protocol really matters: a security tester should definitely be familiar with it. He/she should also understand client-server communication and must know SQL and XSS. All of these are important for a tester to plan and implement security testing efficiently.

  • Sometimes, by default, the username and password of many IDs get saved into cookies without encryption*. A hacker can then easily extract the login details (the username and password) from there and enter the private world of the poor victim.

  • Therefore, during security testing, the tester should design the website in such a manner that it forces the user to create a strong password by showing him/her some points on how to create passwords (for example, your password should contain at least 1 numeral, 1 capital letter, letters from a..z, and at least one symbol).

*encryption - encryption is the conversion of readable data or information into unreadable code.
  • A security tester should make sure that the application does not accept any HTML or SCRIPT; otherwise it is more prone to a hacker’s attack.
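
The cookie check from the list above, written as an added example (it is not part of the original post): the tester logs in with a known test account and confirms that no `Set-Cookie` value exposes that account's username or password. The account name, password and header values below are constructed sample data.

```python
import base64
from http.cookies import SimpleCookie
from urllib.parse import quote, unquote

def readable_views(value):
    """Yield (encoding, text) for every way the value can be read without a key.

    URL encoding, base64 and hex are encodings, not encryption, so a
    credential stored that way is as exposed as one stored in plaintext.
    """
    yield "plaintext", value
    yield "url-encoded", unquote(value)
    try:
        yield "base64", base64.b64decode(value, validate=True).decode("utf-8", "replace")
    except ValueError:  # not valid base64 (binascii.Error subclasses ValueError)
        pass
    try:
        yield "hex", bytes.fromhex(value).decode("utf-8", "replace")
    except ValueError:  # not a hex string
        pass

def audit_set_cookie(headers, username, password):
    """Return (cookie, field, encoding) for each cookie exposing a test credential."""
    findings = []
    for header in headers:
        jar = SimpleCookie()
        jar.load(header)  # header is the value of one Set-Cookie response header
        for name, morsel in jar.items():
            for field, secret in (("username", username), ("password", password)):
                for encoding, text in readable_views(morsel.value):
                    if secret in text:
                        findings.append((name, field, encoding))
                        break  # report only the first readable form
    return findings

# Constructed sample data: a test account and the cookies a site might set at login.
TEST_USER, TEST_PASS = "alice.tester", "S3cret!pw"
SAMPLE_HEADERS = [
    "sessionid=9f2c1e7ab4d84c0e; Path=/; Secure; HttpOnly",  # opaque token: fine
    "remember_user=alice.tester; Path=/",
    "auth=" + base64.b64encode(b"alice.tester:S3cret!pw").decode() + "; Path=/",
    "pw=" + quote(TEST_PASS, safe="") + "; Path=/",
]

if __name__ == "__main__":
    for finding in audit_set_cookie(SAMPLE_HEADERS, TEST_USER, TEST_PASS):
        print("credential readable in cookie:", finding)
```
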

During security testing of any web application, the tester needs to take care of some important points. These are:
  1. Configuration details of the application or server
  2. All the services which are running on the server
  3. User or customer data currently hosted by the application
