As you all know security is 1st thing … to check when creating a site that will be used by millions of unknown users. To address that need I should have had take care of that part earlier but as like any other programmer … this popped-up at very end. One day I got a call from my former work buddy … he called me to congratulate me on the launched. While we discussing the development he mentioned that he had just finished his some IT security course and would like to help me in testing the web site. I was all thrilled and excepted the offer. Over the weekend I noticed my server was running slow … and at one point I had to restart it. First I was all worried but then I received an email from him explaining what he had been testing on the site. He also sent me a full review report that explains all the vulnerabilities on the site.
Once I see how serious this can be I tried my best to make all I can to close all the look holes.
Following are few things that I retouched when I upgraded my website security …
1: SQL injections.
2: Verification of data.
3: Friendly page when there is a error on the site.
4: SQL scripts
I think with all these changes … my site should now be some what secure … and might do well once its out open to all the users.
