A Guide to Website Security

Having your own website is hard enough. In addition to adding content, trying to grow your audience, maintaining it, now you have to be cautious of malware possibly being spread through your beloved website?

According to Palo Alto Networks’s recent The Modern Malware Review, “90 percent of Unknown Malware [is] Delivered Via Web-Browsing.”

This confirms that most web-based infections fly under the radar for several hours/days before being detected by major antivirus products.

In our previous blog posts, we’ve discussed how web exploits affect end users’ machines and serve malicious payloads.

Let’s take a look behind the curtain on websites and web servers that house and serve malware and how to better protect your own website.

There are millions of websites and the process of getting your own is fairly trivial. Without a doubt the ease of deploying a website and relative low cost to own one is responsible for many of the security issues we face. While you may think of a website as a personal blog, e-commerce site or forum, the bad guys see it as a resource for many purposes:

– Hosting illegal/copyrighted files for free.
– Hosting malware, phishing and fake pharmaceutical pages.
– Sending spam (malware can run on a website just like it does on your desktop computer).
– Gaming Google’s SEO ranking algorithm by stuffing pages with backlinks.
– Performing Denial of Service attacks to knock other websites offline.

Courtesy – http://blog.malwarebytes.org/online-security/2013/06/a-guide-to-website-security/