I have been reading a fair bit of documentation on Web Security and was wondering what people think is the best way to secure a site. I will have a site on WinNT and IIS 4 where customers will login and make orders ( no credit card details ), track orders, etc. These customer and order details must be secure. From what I have read, SSL seems to be suitable. Any other suggestions.
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Is SSL the way to go??
- Thread starter Mighty
- Start date
MikeBarone
Programmer
I don't know about 'other' suggestions but I recommend to all my clients that are going to deal with credit card processing to use SSL. With hackers getting more and more sophisticated every day it is the very least you can do.
Another word of wisdom is having your server administrator turn off directory browsing. Allowing the user to view contents of a directory is risky at best. If you forget to add a default file (index.htm, default.htm, home.htm, etc.) to a directory that contains important information and you allow directory browsing the user can open up all the files in that directory.
» » » » » »
Mike Barone
FREE and Pro CGI/Perl Scripts
Another word of wisdom is having your server administrator turn off directory browsing. Allowing the user to view contents of a directory is risky at best. If you forget to add a default file (index.htm, default.htm, home.htm, etc.) to a directory that contains important information and you allow directory browsing the user can open up all the files in that directory.
» » » » » »
Mike Barone
FREE and Pro CGI/Perl Scripts
- Status
Similar threads
- Locked
- Question
- Locked
- Question
- Locked
- Question
