Browse Category

News

10 Most Common Web Security Vulnerabilities

For all too many companies, it’s not until after a breach has occurred that web security becomes a priority. During my years working as an IT Security professional, I have seen time and time again how obscure the world of IT Security is to so many of my fellow programmers.

An effective approach to IT security must, by definition, be proactive and defensive. Toward that end, this post is aimed at sparking a security mindset, hopefully injecting the reader with a healthy dose of paranoia.

In particular, this guide focuses on 10 common and significant web security pitfalls to be aware of, including recommendations on how they can be avoided. The focus is on the Top 10 Web Vulnerabilities identified by the Open Web Application Security Project (OWASP), an international, non-profit organization whose goal is to improve software security across the globe.

A little web security primer before we start – authentication and authorization

When speaking with other programmers and IT professionals, I often encounter confusion regarding the distinction between authorization and authentication. And of course, the fact the abbreviation auth is often used for both helps aggravate this common confusion. This confusion is so common that maybe this issue should be included in this post as “Common Web Vulnerability Zero”.

So before we proceed, let’s clearly the distinction between these two terms:

Authentication: Verifying that a person is (or at least appears to be) a specific user, since he/she has correctly provided their security credentials (password, answers to security questions, fingerprint scan, etc.).

Authorization: Confirming that a particular user has access to a specific resource or is granted permission to perform a particular action.
Stated another way, authentication is knowing who an entity is, while authorization is knowing what a given entity can do.

nonameHosts ready to offer VPS in Dallas

To meet growing demands of our customer we are happy to announce the launch of our new location in Dallas, USA. The decision to open a Dallas datacenter will have a positive impact on our customers throughout the region, in terms of reduced latency and other regulations.

DC room

New location in Frankfurt!

We are proud to inform you that nonamehosts.com is ready to offer VPS hosting services at Versatel DC, our latest location in Frankfurt, Germany!

This data centre employ two independent power feeds that are connected to two separate substations. It is also connected to DE-CIX, the leading Internet Exchange for Central and Eastern Europe with over 500 international customers.

We have chosen locations that have high standards of reliability and an optimal Internet connection. In cooperation with leading carriers and hardware suppliers, we always guarantee quick and permanent availability of your applications.

  • 1
  • 2