Improved Attacks, Improved Defenses: Defeating Security Issues with Good Development

by / Sunday, 29 July 2012 / Published in News

Some websites are so poorly designed that they constitute serious security risks to visitors. There are a multitude of different attacks that hackers can use to exploit such websites. Cross scripting, for example, is a tactic that has been used over and over again to download malicious code onto people’s computers without them knowing it. Download links might be redirected to something that installs a virus on a user’s computer in some cases and, in other cases, however malicious they may be, the attack strategies used by hackers are really quite clever. It’s important to know when you’re out of your league.

Why Professionals Matter

Preventing your website from becoming a security risk requires skill and knowledge. Unless you do have professional web development skills, it’s unlikely that you have the requisite tools to find security holes. In the same way that an accountant can recognize signs that indicate somebody is embezzling, a skilled web developer can recognize signs that a website might have security holes in it or that it is actively posing a security threat. By utilizing the skills of a professional developer, you can oftentimes remedy existing security problems and prevent new ones for manifesting.

Validating Code

One of the very understandable and common ways that developers will check a site to see if it has been programmed correctly is doing what’s called validating code. This checks the website code to make sure that it conforms to current development standards. If it does not, it may not only pose a security threat but it may also reduce your chances of being indexed by the search engines for the keywords that apply to your content.

Developers can go much deeper than this. For example, developers are generally aware of common security exploits and will check the website to make certain that they aren’t vulnerable to such exploits. A skilled hacker could insert a frame into your website that’s too small for you to see, for example, but a developer would recognize the code when they see it.

Limiting Access

One of the concepts that go into designing a website from a security standpoint is the concept of giving every user the least possible access to do what they need to do. For example, nobody but the actual administrator of the website should ever have administrative privileges for a website. Programmers set up privileges on websites and good programmers can make sure they’re set up right.


One of the biggest security holes that people unknowingly create on their own website comes from not being discerning enough about the links that they put on their site. This can happen in many ways. Perhaps you have a blog section where you don’t moderate comments and people put up malicious links on the comments section. Perhaps you start randomly adding links as a search engine optimization strategy and don’t take into consideration that you may be referring visitors to sites that are downright dangerous.

Having a professional take a look at your site will generally reveal if you’ve made any of these common mistakes. Correcting them can meaningfully increase the overall security of your website.

Your Hosting

Talk to your website developer about what type of hosting is best for your intended usage. In some cases, you may be able to get away with having a virtual hosting account but, in others, it may be better for your site if you have your own dedicated server. Your developer will be able to explain to you the benefits of the different server packages available and which has the appropriate level of security for your site.