SlideShare a Scribd company logo
Nadar saraswathi college of
arts and science
S. Sowndarya
Web security in cryptography
I M. Sc computer science
Websites are always to prone to security
risks. Cyber crime impacts your business by
hacking your website. Your website is then
used for hacking assaults that install
malicious software or malware on your
visitor’s computer.
Security Considerations
Updated Software
It is mandatory to keep you software
updated. It plays vital role in keeping your
website secure.
SQL Injection
It is an attempt by the hackers to manipulate
your database. It is easy to insert rogue code
into your query that can be used to
manipulate your database such as change
tables, get information or delete data.
Cross Site Scripting (XSS)
It allows the attackers to inject client side
script into web pages. Therefore, while
creating a form It is good to endure that you
check the data being submitted and encode
or strip out any HTML.
Error Messages
You need to be careful about how much
information to be given in the error
messages. For example, if the user fails to
log in the error message should not let the
user know which field is incorrect: username
or password.
Validation of Data
The validation should be performed on both
server side and client side.
Passwords
It is good to enforce password requirements
such as of minimum of eight characters,
including upper case, lower case and special
character. It will help to protect user’s
information in long run.
SSL
It is good practice to use SSL protocol while
passing personal information between
website and web server or database.
Upload files
The file uploaded by the user may contain a
script that when executed on the server
opens up your website.

More Related Content

Similar to Web security

Why You Need A Web Application Firewall
Why You Need A Web Application FirewallWhy You Need A Web Application Firewall
Why You Need A Web Application Firewall
Port80 Software
 
Cross Site Scripting
Cross Site ScriptingCross Site Scripting
Cross Site Scripting
Ali Mattash
 
Web security landscape Unit 3 part 2
Web security landscape Unit 3 part 2Web security landscape Unit 3 part 2
Web security landscape Unit 3 part 2
SURBHI SAROHA
 
Web security 2010
Web security 2010Web security 2010
Web security 2010
Alok Babu
 
Web Security
Web SecurityWeb Security
Web Security
AmbiSure Technologies
 
Web Vulnerabilities And Exploitation - Compromising The Web
Web Vulnerabilities And Exploitation - Compromising The WebWeb Vulnerabilities And Exploitation - Compromising The Web
Web Vulnerabilities And Exploitation - Compromising The Web
Zero Science Lab
 
C01461422
C01461422C01461422
C01461422
IOSR Journals
 
Cross site scripting (xss) attacks issues and defense - by sandeep kumbhar
Cross site scripting (xss) attacks issues and defense - by sandeep kumbharCross site scripting (xss) attacks issues and defense - by sandeep kumbhar
Cross site scripting (xss) attacks issues and defense - by sandeep kumbhar
Sandeep Kumbhar
 
Cross Site Scripting Defense Presentation
Cross Site Scripting Defense Presentation Cross Site Scripting Defense Presentation
Cross Site Scripting Defense Presentation
Ikhade Maro Igbape
 
The most Common Website Security Threats
The most Common Website Security ThreatsThe most Common Website Security Threats
The most Common Website Security Threats
HTS Hosting
 
How to Secure your ecommerce website-Threats and tips
How to Secure your ecommerce website-Threats and tipsHow to Secure your ecommerce website-Threats and tips
How to Secure your ecommerce website-Threats and tips
SilverClouding Consultancy Pvt Ltd
 
Session7-XSS & CSRF
Session7-XSS & CSRFSession7-XSS & CSRF
Session7-XSS & CSRF
zakieh alizadeh
 
Cross site scripting (xss)
Cross site scripting (xss)Cross site scripting (xss)
Cross site scripting (xss)
Manish Kumar
 
Common Security Issues on the Internet
Common Security Issues on the InternetCommon Security Issues on the Internet
Common Security Issues on the Internet
Bretz Harllynne Moltio
 
Pantallas escaneo Sitio Web
Pantallas escaneo Sitio WebPantallas escaneo Sitio Web
Pantallas escaneo Sitio Web
andres1422
 
T04505103106
T04505103106T04505103106
T04505103106
IJERA Editor
 
cyber security
cyber securitycyber security
cyber security
Naveed Ahmed Siddiqui
 
WHY TO TEST YOUR WEBSITE’S SECURITY (Presentation).pdf
WHY TO TEST YOUR  WEBSITE’S SECURITY (Presentation).pdfWHY TO TEST YOUR  WEBSITE’S SECURITY (Presentation).pdf
WHY TO TEST YOUR WEBSITE’S SECURITY (Presentation).pdf
JohnParker598570
 
Cross Site Scripting(XSS)
Cross Site Scripting(XSS)Cross Site Scripting(XSS)
Cross Site Scripting(XSS)
Nabin Dutta
 
10 ways to protect your e commerce site from hacking & fraud
10 ways to protect your e commerce site from hacking & fraud10 ways to protect your e commerce site from hacking & fraud
10 ways to protect your e commerce site from hacking & fraud
WebSitePulse
 

Similar to Web security (20)

Why You Need A Web Application Firewall
Why You Need A Web Application FirewallWhy You Need A Web Application Firewall
Why You Need A Web Application Firewall
 
Cross Site Scripting
Cross Site ScriptingCross Site Scripting
Cross Site Scripting
 
Web security landscape Unit 3 part 2
Web security landscape Unit 3 part 2Web security landscape Unit 3 part 2
Web security landscape Unit 3 part 2
 
Web security 2010
Web security 2010Web security 2010
Web security 2010
 
Web Security
Web SecurityWeb Security
Web Security
 
Web Vulnerabilities And Exploitation - Compromising The Web
Web Vulnerabilities And Exploitation - Compromising The WebWeb Vulnerabilities And Exploitation - Compromising The Web
Web Vulnerabilities And Exploitation - Compromising The Web
 
C01461422
C01461422C01461422
C01461422
 
Cross site scripting (xss) attacks issues and defense - by sandeep kumbhar
Cross site scripting (xss) attacks issues and defense - by sandeep kumbharCross site scripting (xss) attacks issues and defense - by sandeep kumbhar
Cross site scripting (xss) attacks issues and defense - by sandeep kumbhar
 
Cross Site Scripting Defense Presentation
Cross Site Scripting Defense Presentation Cross Site Scripting Defense Presentation
Cross Site Scripting Defense Presentation
 
The most Common Website Security Threats
The most Common Website Security ThreatsThe most Common Website Security Threats
The most Common Website Security Threats
 
How to Secure your ecommerce website-Threats and tips
How to Secure your ecommerce website-Threats and tipsHow to Secure your ecommerce website-Threats and tips
How to Secure your ecommerce website-Threats and tips
 
Session7-XSS & CSRF
Session7-XSS & CSRFSession7-XSS & CSRF
Session7-XSS & CSRF
 
Cross site scripting (xss)
Cross site scripting (xss)Cross site scripting (xss)
Cross site scripting (xss)
 
Common Security Issues on the Internet
Common Security Issues on the InternetCommon Security Issues on the Internet
Common Security Issues on the Internet
 
Pantallas escaneo Sitio Web
Pantallas escaneo Sitio WebPantallas escaneo Sitio Web
Pantallas escaneo Sitio Web
 
T04505103106
T04505103106T04505103106
T04505103106
 
cyber security
cyber securitycyber security
cyber security
 
WHY TO TEST YOUR WEBSITE’S SECURITY (Presentation).pdf
WHY TO TEST YOUR  WEBSITE’S SECURITY (Presentation).pdfWHY TO TEST YOUR  WEBSITE’S SECURITY (Presentation).pdf
WHY TO TEST YOUR WEBSITE’S SECURITY (Presentation).pdf
 
Cross Site Scripting(XSS)
Cross Site Scripting(XSS)Cross Site Scripting(XSS)
Cross Site Scripting(XSS)
 
10 ways to protect your e commerce site from hacking & fraud
10 ways to protect your e commerce site from hacking & fraud10 ways to protect your e commerce site from hacking & fraud
10 ways to protect your e commerce site from hacking & fraud
 

More from soundaryasellapandia

apache hadOop.pdf
apache hadOop.pdfapache hadOop.pdf
apache hadOop.pdf
soundaryasellapandia
 
Microfinance and entrepreneur skill and competition
Microfinance and entrepreneur skill and competitionMicrofinance and entrepreneur skill and competition
Microfinance and entrepreneur skill and competition
soundaryasellapandia
 
Color quantization
Color quantizationColor quantization
Color quantization
soundaryasellapandia
 
cloud security challenges and risk.pptx
cloud security challenges and risk.pptxcloud security challenges and risk.pptx
cloud security challenges and risk.pptx
soundaryasellapandia
 
artificial intelligence.pptx
artificial intelligence.pptxartificial intelligence.pptx
artificial intelligence.pptx
soundaryasellapandia
 
cloud computing.pdf
cloud computing.pdfcloud computing.pdf
cloud computing.pdf
soundaryasellapandia
 
ARTIFICIAL INTELIGENCE.pdf
ARTIFICIAL INTELIGENCE.pdfARTIFICIAL INTELIGENCE.pdf
ARTIFICIAL INTELIGENCE.pdf
soundaryasellapandia
 
Memory management
Memory managementMemory management
Memory management
soundaryasellapandia
 
Querying a graph
Querying a graphQuerying a graph
Querying a graph
soundaryasellapandia
 
Integration java with python.pdf
Integration java with python.pdfIntegration java with python.pdf
Integration java with python.pdf
soundaryasellapandia
 

More from soundaryasellapandia (10)

apache hadOop.pdf
apache hadOop.pdfapache hadOop.pdf
apache hadOop.pdf
 
Microfinance and entrepreneur skill and competition
Microfinance and entrepreneur skill and competitionMicrofinance and entrepreneur skill and competition
Microfinance and entrepreneur skill and competition
 
Color quantization
Color quantizationColor quantization
Color quantization
 
cloud security challenges and risk.pptx
cloud security challenges and risk.pptxcloud security challenges and risk.pptx
cloud security challenges and risk.pptx
 
artificial intelligence.pptx
artificial intelligence.pptxartificial intelligence.pptx
artificial intelligence.pptx
 
cloud computing.pdf
cloud computing.pdfcloud computing.pdf
cloud computing.pdf
 
ARTIFICIAL INTELIGENCE.pdf
ARTIFICIAL INTELIGENCE.pdfARTIFICIAL INTELIGENCE.pdf
ARTIFICIAL INTELIGENCE.pdf
 
Memory management
Memory managementMemory management
Memory management
 
Querying a graph
Querying a graphQuerying a graph
Querying a graph
 
Integration java with python.pdf
Integration java with python.pdfIntegration java with python.pdf
Integration java with python.pdf
 

Recently uploaded

SAR of Medicinal Chemistry 1st by dk.pdf
SAR of Medicinal Chemistry 1st by dk.pdfSAR of Medicinal Chemistry 1st by dk.pdf
SAR of Medicinal Chemistry 1st by dk.pdf
KrushnaDarade1
 
ANAMOLOUS SECONDARY GROWTH IN DICOT ROOTS.pptx
ANAMOLOUS SECONDARY GROWTH IN DICOT ROOTS.pptxANAMOLOUS SECONDARY GROWTH IN DICOT ROOTS.pptx
ANAMOLOUS SECONDARY GROWTH IN DICOT ROOTS.pptx
RASHMI M G
 
The binding of cosmological structures by massless topological defects
The binding of cosmological structures by massless topological defectsThe binding of cosmological structures by massless topological defects
The binding of cosmological structures by massless topological defects
Sérgio Sacani
 
Travis Hills' Endeavors in Minnesota: Fostering Environmental and Economic Pr...
Travis Hills' Endeavors in Minnesota: Fostering Environmental and Economic Pr...Travis Hills' Endeavors in Minnesota: Fostering Environmental and Economic Pr...
Travis Hills' Endeavors in Minnesota: Fostering Environmental and Economic Pr...
Travis Hills MN
 
NuGOweek 2024 Ghent programme overview flyer
NuGOweek 2024 Ghent programme overview flyerNuGOweek 2024 Ghent programme overview flyer
NuGOweek 2024 Ghent programme overview flyer
pablovgd
 
Phenomics assisted breeding in crop improvement
Phenomics assisted breeding in crop improvementPhenomics assisted breeding in crop improvement
Phenomics assisted breeding in crop improvement
IshaGoswami9
 
Comparing Evolved Extractive Text Summary Scores of Bidirectional Encoder Rep...
Comparing Evolved Extractive Text Summary Scores of Bidirectional Encoder Rep...Comparing Evolved Extractive Text Summary Scores of Bidirectional Encoder Rep...
Comparing Evolved Extractive Text Summary Scores of Bidirectional Encoder Rep...
University of Maribor
 
Orion Air Quality Monitoring Systems - CWS
Orion Air Quality Monitoring Systems - CWSOrion Air Quality Monitoring Systems - CWS
Orion Air Quality Monitoring Systems - CWS
Columbia Weather Systems
 
Nucleic Acid-its structural and functional complexity.
Nucleic Acid-its structural and functional complexity.Nucleic Acid-its structural and functional complexity.
Nucleic Acid-its structural and functional complexity.
Nistarini College, Purulia (W.B) India
 
3D Hybrid PIC simulation of the plasma expansion (ISSS-14)
3D Hybrid PIC simulation of the plasma expansion (ISSS-14)3D Hybrid PIC simulation of the plasma expansion (ISSS-14)
3D Hybrid PIC simulation of the plasma expansion (ISSS-14)
David Osipyan
 
Medical Orthopedic PowerPoint Templates.pptx
Medical Orthopedic PowerPoint Templates.pptxMedical Orthopedic PowerPoint Templates.pptx
Medical Orthopedic PowerPoint Templates.pptx
terusbelajar5
 
The use of Nauplii and metanauplii artemia in aquaculture (brine shrimp).pptx
The use of Nauplii and metanauplii artemia in aquaculture (brine shrimp).pptxThe use of Nauplii and metanauplii artemia in aquaculture (brine shrimp).pptx
The use of Nauplii and metanauplii artemia in aquaculture (brine shrimp).pptx
MAGOTI ERNEST
 
20240520 Planning a Circuit Simulator in JavaScript.pptx
20240520 Planning a Circuit Simulator in JavaScript.pptx20240520 Planning a Circuit Simulator in JavaScript.pptx
20240520 Planning a Circuit Simulator in JavaScript.pptx
Sharon Liu
 
THEMATIC APPERCEPTION TEST(TAT) cognitive abilities, creativity, and critic...
THEMATIC  APPERCEPTION  TEST(TAT) cognitive abilities, creativity, and critic...THEMATIC  APPERCEPTION  TEST(TAT) cognitive abilities, creativity, and critic...
THEMATIC APPERCEPTION TEST(TAT) cognitive abilities, creativity, and critic...
Abdul Wali Khan University Mardan,kP,Pakistan
 
mô tả các thí nghiệm về đánh giá tác động dòng khí hóa sau đốt
mô tả các thí nghiệm về đánh giá tác động dòng khí hóa sau đốtmô tả các thí nghiệm về đánh giá tác động dòng khí hóa sau đốt
mô tả các thí nghiệm về đánh giá tác động dòng khí hóa sau đốt
HongcNguyn6
 
Topic: SICKLE CELL DISEASE IN CHILDREN-3.pdf
Topic: SICKLE CELL DISEASE IN CHILDREN-3.pdfTopic: SICKLE CELL DISEASE IN CHILDREN-3.pdf
Topic: SICKLE CELL DISEASE IN CHILDREN-3.pdf
TinyAnderson
 
Nucleophilic Addition of carbonyl compounds.pptx
Nucleophilic Addition of carbonyl  compounds.pptxNucleophilic Addition of carbonyl  compounds.pptx
Nucleophilic Addition of carbonyl compounds.pptx
SSR02
 
EWOCS-I: The catalog of X-ray sources in Westerlund 1 from the Extended Weste...
EWOCS-I: The catalog of X-ray sources in Westerlund 1 from the Extended Weste...EWOCS-I: The catalog of X-ray sources in Westerlund 1 from the Extended Weste...
EWOCS-I: The catalog of X-ray sources in Westerlund 1 from the Extended Weste...
Sérgio Sacani
 
DMARDs Pharmacolgy Pharm D 5th Semester.pdf
DMARDs Pharmacolgy Pharm D 5th Semester.pdfDMARDs Pharmacolgy Pharm D 5th Semester.pdf
DMARDs Pharmacolgy Pharm D 5th Semester.pdf
fafyfskhan251kmf
 
The debris of the ‘last major merger’ is dynamically young
The debris of the ‘last major merger’ is dynamically youngThe debris of the ‘last major merger’ is dynamically young
The debris of the ‘last major merger’ is dynamically young
Sérgio Sacani
 

Recently uploaded (20)

SAR of Medicinal Chemistry 1st by dk.pdf
SAR of Medicinal Chemistry 1st by dk.pdfSAR of Medicinal Chemistry 1st by dk.pdf
SAR of Medicinal Chemistry 1st by dk.pdf
 
ANAMOLOUS SECONDARY GROWTH IN DICOT ROOTS.pptx
ANAMOLOUS SECONDARY GROWTH IN DICOT ROOTS.pptxANAMOLOUS SECONDARY GROWTH IN DICOT ROOTS.pptx
ANAMOLOUS SECONDARY GROWTH IN DICOT ROOTS.pptx
 
The binding of cosmological structures by massless topological defects
The binding of cosmological structures by massless topological defectsThe binding of cosmological structures by massless topological defects
The binding of cosmological structures by massless topological defects
 
Travis Hills' Endeavors in Minnesota: Fostering Environmental and Economic Pr...
Travis Hills' Endeavors in Minnesota: Fostering Environmental and Economic Pr...Travis Hills' Endeavors in Minnesota: Fostering Environmental and Economic Pr...
Travis Hills' Endeavors in Minnesota: Fostering Environmental and Economic Pr...
 
NuGOweek 2024 Ghent programme overview flyer
NuGOweek 2024 Ghent programme overview flyerNuGOweek 2024 Ghent programme overview flyer
NuGOweek 2024 Ghent programme overview flyer
 
Phenomics assisted breeding in crop improvement
Phenomics assisted breeding in crop improvementPhenomics assisted breeding in crop improvement
Phenomics assisted breeding in crop improvement
 
Comparing Evolved Extractive Text Summary Scores of Bidirectional Encoder Rep...
Comparing Evolved Extractive Text Summary Scores of Bidirectional Encoder Rep...Comparing Evolved Extractive Text Summary Scores of Bidirectional Encoder Rep...
Comparing Evolved Extractive Text Summary Scores of Bidirectional Encoder Rep...
 
Orion Air Quality Monitoring Systems - CWS
Orion Air Quality Monitoring Systems - CWSOrion Air Quality Monitoring Systems - CWS
Orion Air Quality Monitoring Systems - CWS
 
Nucleic Acid-its structural and functional complexity.
Nucleic Acid-its structural and functional complexity.Nucleic Acid-its structural and functional complexity.
Nucleic Acid-its structural and functional complexity.
 
3D Hybrid PIC simulation of the plasma expansion (ISSS-14)
3D Hybrid PIC simulation of the plasma expansion (ISSS-14)3D Hybrid PIC simulation of the plasma expansion (ISSS-14)
3D Hybrid PIC simulation of the plasma expansion (ISSS-14)
 
Medical Orthopedic PowerPoint Templates.pptx
Medical Orthopedic PowerPoint Templates.pptxMedical Orthopedic PowerPoint Templates.pptx
Medical Orthopedic PowerPoint Templates.pptx
 
The use of Nauplii and metanauplii artemia in aquaculture (brine shrimp).pptx
The use of Nauplii and metanauplii artemia in aquaculture (brine shrimp).pptxThe use of Nauplii and metanauplii artemia in aquaculture (brine shrimp).pptx
The use of Nauplii and metanauplii artemia in aquaculture (brine shrimp).pptx
 
20240520 Planning a Circuit Simulator in JavaScript.pptx
20240520 Planning a Circuit Simulator in JavaScript.pptx20240520 Planning a Circuit Simulator in JavaScript.pptx
20240520 Planning a Circuit Simulator in JavaScript.pptx
 
THEMATIC APPERCEPTION TEST(TAT) cognitive abilities, creativity, and critic...
THEMATIC  APPERCEPTION  TEST(TAT) cognitive abilities, creativity, and critic...THEMATIC  APPERCEPTION  TEST(TAT) cognitive abilities, creativity, and critic...
THEMATIC APPERCEPTION TEST(TAT) cognitive abilities, creativity, and critic...
 
mô tả các thí nghiệm về đánh giá tác động dòng khí hóa sau đốt
mô tả các thí nghiệm về đánh giá tác động dòng khí hóa sau đốtmô tả các thí nghiệm về đánh giá tác động dòng khí hóa sau đốt
mô tả các thí nghiệm về đánh giá tác động dòng khí hóa sau đốt
 
Topic: SICKLE CELL DISEASE IN CHILDREN-3.pdf
Topic: SICKLE CELL DISEASE IN CHILDREN-3.pdfTopic: SICKLE CELL DISEASE IN CHILDREN-3.pdf
Topic: SICKLE CELL DISEASE IN CHILDREN-3.pdf
 
Nucleophilic Addition of carbonyl compounds.pptx
Nucleophilic Addition of carbonyl  compounds.pptxNucleophilic Addition of carbonyl  compounds.pptx
Nucleophilic Addition of carbonyl compounds.pptx
 
EWOCS-I: The catalog of X-ray sources in Westerlund 1 from the Extended Weste...
EWOCS-I: The catalog of X-ray sources in Westerlund 1 from the Extended Weste...EWOCS-I: The catalog of X-ray sources in Westerlund 1 from the Extended Weste...
EWOCS-I: The catalog of X-ray sources in Westerlund 1 from the Extended Weste...
 
DMARDs Pharmacolgy Pharm D 5th Semester.pdf
DMARDs Pharmacolgy Pharm D 5th Semester.pdfDMARDs Pharmacolgy Pharm D 5th Semester.pdf
DMARDs Pharmacolgy Pharm D 5th Semester.pdf
 
The debris of the ‘last major merger’ is dynamically young
The debris of the ‘last major merger’ is dynamically youngThe debris of the ‘last major merger’ is dynamically young
The debris of the ‘last major merger’ is dynamically young
 

Web security

  • 1. Nadar saraswathi college of arts and science S. Sowndarya Web security in cryptography I M. Sc computer science
  • 2. Websites are always to prone to security risks. Cyber crime impacts your business by hacking your website. Your website is then used for hacking assaults that install malicious software or malware on your visitor’s computer.
  • 3. Security Considerations Updated Software It is mandatory to keep you software updated. It plays vital role in keeping your website secure.
  • 4. SQL Injection It is an attempt by the hackers to manipulate your database. It is easy to insert rogue code into your query that can be used to manipulate your database such as change tables, get information or delete data.
  • 5. Cross Site Scripting (XSS) It allows the attackers to inject client side script into web pages. Therefore, while creating a form It is good to endure that you check the data being submitted and encode or strip out any HTML.
  • 6. Error Messages You need to be careful about how much information to be given in the error messages. For example, if the user fails to log in the error message should not let the user know which field is incorrect: username or password.
  • 7. Validation of Data The validation should be performed on both server side and client side.
  • 8. Passwords It is good to enforce password requirements such as of minimum of eight characters, including upper case, lower case and special character. It will help to protect user’s information in long run.
  • 9. SSL It is good practice to use SSL protocol while passing personal information between website and web server or database.
  • 10. Upload files The file uploaded by the user may contain a script that when executed on the server opens up your website.