website security

ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

Main Area and Open Discussion > General Software Discussion

website security

(1/3) > >>

kalos:
hello!

I am thinking to build a part of a website, where clients will login to view some info about their accounts, etc, although I have no web buililding experience at all

I am willing to learn, but what bothers me is that website security looks hard to achieve, since I see all that major websites been hacked etc

so, there is no simple and totally secure way to achieve this?

thanks!

KynloStephen66515:
Nothing is ever 100% secure :)

The basic rule of thumb is...if its online...people can access it.

Best not to think to much about it...but also best to write some pretty long privacy policies and disclaimers to avoid any possible legal actions from break-ins :)

kalos:
any other method to make info for each client available to him on request?

for example, automated email replies containing the requested info, when I receive their email messages?

any other idea?

40hz:
hello!

I am thinking to build a part of a website, where clients will login to view some info about their accounts, etc, although I have no web buililding experience at all

I am willing to learn, but what bothers me is that website security looks hard to achieve, since I see all that major websites been hacked etc

so, there is no simple and totally secure way to achieve this?

thanks!
-kalos (February 15, 2012, 03:00 PM)
--- End quote ---

In a nutshell? No. There isn't

With all due respect, web and network security is not something you can just casually get into as an amateur (or student) and expect to be able to thwart professional hackers and other cyber-criminals. With some education and experence you could probably stop most script-kiddies and other amateur hackers. But you don't stand a chance against the real baddies - most of whom have extensive technical education and experience to fall back on.

Security is such a rapidly changing and challenging field that even network professionals frequently farm out some or all of their network security requirements to specialists.

Wish it were otherwise, but that's the basic reality of the connected world we live in. :)

mouser:
Stephen and 40hz are right -- there is no 100% guaranteed security. And 40hz advice is on the money -- if this is really sensitive information -- it's just not something that you or even a normal web host/admin is qualified to deal with.

I think the first question you have to answer is how sensitive is this information -- how much fallout would there be if someone did get access to the info? How desirable is the information to an attacker?

Navigation

[0] Message Index

[#] Next page

Go to full version