If you have a WordPress blog or website, you’ll want a regular chain of visitors. Whether you’re sharing your personal opinions on niche topics or you’re running a business, here are a few tips you can use to make sure your WordPress Blog is secure…
The Aftermath of an Online Attack
If you have a website, whether personal or business, that makes you a potential target for an online attack. After all, cyber crime is at an all time high as hackers can make a living from selling private or corporate data. Some people still don’t…
What can Developers do to Better Protect PII?
A client of mine recently asked me if I had any Web development related tips for dealing with Personally Identifiable Information (PII). With this being an information security 101 type question, I had to think about it for a bit. It then occurred to me…
One Thing That Can Buy You More Web Security Than Just About Anything Else
There is no magic bullet when it comes to web security. That said, there is one thing that can buy you more security than practically anything else. It’s your passwords. Your choice in – and management of – your web passwords can make or break…
HTML Form Found in Redirect Page Web Vulnerability
When creating a password protected section for a website, such as an admin portal for a CMS solution, typically developers check if the user session is authenticated. If the user session is not authenticated, the user is redirect to the login page. Maybe because the lack of…
How Aware Do We Have to be Not to Fall for the Bad Guys Antics?
Criminal hackers are getting more and more creative in their phishing and social engineering attacks on the web. This not only puts your website in the crosshairs but also your own personal information. A common question that comes up is: How do I stay in…
What’s the Best Way to Find Web Security Flaws?
With all of the potential ways the bad guys can exploit websites (literally thousands), many people want to know what the best way is to actually uncover these flaws. Well, there’s no magic bullet answer, however, generally speaking Web flaws can be discovered in one…
Should you Test Development, Staging or Production?
You’ve heard me say that planning is half the battle with Web security assessments. I’m finding that more and more people are on board with thinking things through in advance but there’s still one area that’s not getting the attention it deserves. It’s deciding on…
Why Web Security is Not Just IT’s Problem
What’s your take on Web security? Do you see it as one of those techie things that other people should be handling? Or do you see it as your responsibility to ensure everything associated with your Web presence is in check? Well, according to a…