XSS Attacks Are Still Around; Make Sure Your Web Developer Knows This

When most people think about making a web page, they just think about the graphics and the underlying code that they are going to need. They know that they are going to have to learn a language like HTML so that they can give the web page structure. Then they know that they are going to have to learn how to manipulate the client side of the browser with a language like JavaScript.

JavaScript has become the assembly language of the internet these days so if you are going to be developing web pages for a living then you are going to have to make sure that you are at least comfortable with the JavaScript language.

And the last part that you are going need is CSS. This is what gives your web page a graphic presentation. It is what makes the font the right size and the background of the page the right color. But that is not all you need to know when it comes to making modern day web pages.

You also need to know about security and how to keep your web page safe.

The security of your web page is just as important as how it looks and the content that is on the page itself. If people do not think that they can go to the web page without their computer being infected or their personal information being stolen then there is no way that they are going to go back to it. They will look for another web page that has a similar service of gives out similar information but it will be a lot safer.

Whilst you do not have to be a security expert you do have to know how to stop the most basics of attacks. You will not ever be able to stop everything that will try to hit your web site but you can make sure that you do not leave the basics out there open to attack. Once you do that then you will find out very quickly that the wolves are out there ready to attack over and over again.

One of the basics that you have to look for when you are talking about web security is the XSS attack.

The XSS attack is also known as the Cross Site Scripting Attack. With this type of attack it allows the attacker to be able to insert executable code on a web page. Once the code is inserted then they wait for the web sites users to come by and trigger the code. From there it is no telling what the attack is going to do.

One of the most common attacks using XSS is cookie stealing. This allows the attacker to pretend like he is one of your normal users and allows them access to the same information that the normal user would get. The XSS attack has been harder to do these days because the browser makers are taking a lot of time to make sure that it is hard to execute. And that is a good thing for both end users and the people who make web pages.

But the people who make web pages have to remember that XSS attacks still happen. They are just more complicated and take a lot more work to make happen. But do not believe that they have gone away completely. That is why you still have to protect your web site from attacks like this. The main way that you can make sure that your site is protected is by filtering all information that goes in and out of your web page. This will go a long way in keeping you and your users safe.

About Lee Munson

Lee's non-technical background allows him to write about internet security in a clear way that is understandable to both IT professionals and people just like you who need simple answers to your security questions.

Speak Your Mind

*