To find out whether a web app you are using, or your own web application, is prone to vulnerabilities, check for the following points:

1) Exposed usage statistics
Every web administrator wants to know who is visiting his site. There are a lot of tools to check that, including open source applications that will help you figure out the statistics. But most web admins fail to lock down these applications, and in doing so they advertise that the app they use is prone to vulnerabilities.

2) Copies of backup files
Developers often rename their old files when uploading a new version. That in itself is fine; the problem occurs when the developer fails to remove the older file, and that file becomes a treat for hackers.

3) Your site shows up on the ‘Wall of Shame’
‘Wall of Shame’ web sites have begun to emerge where participants post vulnerable web sites as they come across them. If your site shows up on one, you have to think seriously about it.

4) Browseable directories
The web server should be locked down and browseable directories should be checked.

5) Login credentials passed over clear text
Login credentials should not be passed in clear text in any way.

6) Outdated SSL certificates
The SSL certificates used for security should not be outdated, and care should be taken to check that the certificates are regularly updated.

7) Vulnerable third-party applications
Before allowing third-party applications on your page, check that they are not vulnerable.

8) Verbose error messages
Verbose error messages are useful for users, but users take them as a red flag and stop browsing your site.

9) Developer comments in source code
Care should be taken to remove all developer comments from the code before it is published.

10) You’ve been defaced
If your site shows up in the Zone-H defacement archive, then don’t read this blog, just go and try to repair your site…!
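As an added example (not part of the original post), items 2 and 9 can be checked against a local copy of your own document root before publishing. The suffix list, the file extensions and the names `audit_webroot` and `make_sample_webroot` are assumptions, and the sample site is constructed.

```python
import os
import re
import tempfile

# Assumed suffixes that mark a renamed old copy; extend for your own stack.
BACKUP_SUFFIX = re.compile(r"(\.(bak|old|orig|save|swp|tmp)|~)$", re.I)
# Assumed extensions of files whose HTML reaches the visitor's browser.
PUBLISHED_EXT = (".html", ".htm", ".php", ".asp", ".aspx", ".jsp")
# HTML comments, skipping IE conditional comments, which are functional markup.
COMMENT = re.compile(r"<!--(?!\[if\b)(.*?)-->", re.S)

def audit_webroot(root):
    """Return (backup_files, comments) found under root, paths relative to root."""
    backups, comments = [], []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            if BACKUP_SUFFIX.search(name):
                backups.append(rel)      # item 2: leftover copy still on the server
                continue
            if not name.lower().endswith(PUBLISHED_EXT):
                continue
            with open(path, encoding="utf-8", errors="replace") as fh:
                text = fh.read()
            for m in COMMENT.finditer(text):
                line = text.count("\n", 0, m.start()) + 1
                comments.append((rel, line, " ".join(m.group(1).split())))  # item 9
    return sorted(backups), sorted(comments)

def make_sample_webroot(root):
    """Constructed sample site: two leftover backups and one developer comment."""
    files = {
        "index.php": "<html>\n<!-- TODO: switch off debug mode before launch -->\n"
                     "<!--[if lt IE 9]><p>old</p><![endif]-->\n</html>\n",
        "index.php.old": "<?php /* previous version */ ?>\n",
        os.path.join("inc", "db.php.bak"): "<?php $pw = 'example'; ?>\n",
        "style.css": "body { margin: 0 }\n",
    }
    for rel, body in files.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(body)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        make_sample_webroot(root)
        backups, comments = audit_webroot(root)
        for rel in backups:
            print("backup copy:", rel)
        for rel, line, text in comments:
            print(f"comment: {rel}:{line}: {text}")
```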
10 Signs of an Insecure Web Application
Posted May 14th, 2012 by admin