| Thread ID: 104932 | 2009-11-13 03:11:00 | How secure is your website? Do the TEST | lance4k (4644) | PC World Chat |
| Post ID | Timestamp | Content | User | ||
| 829768 | 2009-11-13 03:11:00 | I was just at my friend's place and he was using Acunetix Web Vulnerability Scanner (it's free) to scan his own website and there were so many vulnerabilities it wasn't funny. He is going to firewall his web server now. Some of the vulnerabilities were with his web server software and some with his website code itself. Are NZ website designers these days aware of all the vulnerabilities when they write their html/php/javascript code? Because my friend's website was made by a NZ web design firm. Should I get my website designed by a NZ web design firm or a USA web design firm? Even NOT regarding security, but cleanness of html code and adhering to web standards, I was looking at some NZ websites like geekzone.co.nz/ nzherald.co.nz/ themarch.org.nz and they all seem to fail the web standards test at validator.w3.org (http://validator.w3.org). Heck, the only NZ website I could find that actually PASSED the test at validator.w3.org was trademe.co.nz |
lance4k (4644) | ||
| 829769 | 2009-11-13 03:21:00 | Interesting PCWorld (www.imagef1.net.nz) | wainuitech (129) | ||
| 829770 | 2009-11-13 04:07:00 | "I was just at my friend's place and he was using Acunetix Web Vulnerability Scanner (it's free) to scan his own website and there were so many vulnerabilities it wasn't funny. He is going to firewall his web server now." As a rule, with a properly configured webserver, the firewall is the least of your problems. The applications running on it are the usual vector. "Some of the vulnerabilities were with his web server software and some with his website code itself." Which server was he using? Was it up to date? The same question applies to any CGI apps he was running, and any web applications built on top of those. "Are NZ website designers these days aware of all the vulnerabilities when they write their html/php/javascript code? Because my friend's website was made by a NZ web design firm." That's a meaningless question - the location of a programmer doesn't dictate how good they are. There are plenty of both - programmers who will do a good job with reasonably good security, and programmers who will write the most godawful insecure mess you will ever meet, and commit such travesties as executing raw, unsanitised SQL from an AJAX app. "Should I get my website designed by a NZ web design firm or a USA web design firm?" Either - it doesn't matter. Just make sure you get someone who will do a good job. If you hire someone who can't code their way out of a wet paper bag, you'll seriously regret it later. "Even NOT regarding security, but cleanness of html code and adhering to web standards, I was looking at some NZ websites like geekzone.co.nz/ nzherald.co.nz/ themarch.org.nz and they all seem to fail the web standards test at validator.w3.org (http://validator.w3.org). Heck, the only NZ website I could find that actually PASSED the test at validator.w3.org was trademe.co.nz" Who cares? Valid markup is nice, but having a site that works everywhere is nicer :rolleyes:.
Usually such a site will validate, but there are a few compatibility hacks that will actually break validation, despite having a positive effect. Note that this isn't always the case - often it's just lazy coders too, and the deviations don't actually serve any useful purpose. [Edit: Note also that auditing tools such as the one you've mentioned above won't catch everything, not by a long shot. If you care enough to audit your site, pay someone with the relevant knowledge to do it properly.] |
Erayd (23) | ||
| 829771 | 2009-11-13 04:54:00 | "[Edit: Note also that auditing tools such as the one you've mentioned above won't catch everything, not by a long shot. If you care enough to audit your site, pay someone with the relevant knowledge to do it properly.]" Hint hint... hire Erayd. |
somebody (208) | ||
| 829772 | 2009-11-13 05:06:00 | "Hint hint... hire Erayd." Haha, I have enough work right now, but thanks for the thought :). |
Erayd (23) | ||
| 829773 | 2009-11-13 05:29:00 | "Even NOT regarding security, but cleanness of html code and adhering to web standards, I was looking at some NZ websites like geekzone.co.nz/ nzherald.co.nz/ themarch.org.nz and they all seem to fail the web standards test at validator.w3.org (http://validator.w3.org). Heck, the only NZ website I could find that actually PASSED the test at validator.w3.org was trademe.co.nz" "Who cares? Valid markup is nice, but having a site that works everywhere is nicer :rolleyes:. Usually such a site will validate, but there are a few compatibility hacks that will actually break validation, despite having a positive effect. Note that this isn't always the case - often it's just lazy coders too, and the deviations don't actually serve any useful purpose." I agree with Erayd here, it's nicer for a website to work everywhere than a site that validates. |
stu161204 (123) | ||
| 829774 | 2009-11-13 05:54:00 | "the only NZ website I could find that actually PASSED the test at validator.w3.org was trademe.co.nz" Oh really. See attached image. It has javascript errors for a start. My website gave 12 errors, details seem to be whinging about things like: Line 82, Column 21: value of attribute "NAME" must be a single token <meta name="design by" content="BasicTemplates.com"> This attribute can not take a space-separated list of words as a value, but only one word ("token"). This may also be caused by the use of a space for the value of an attribute which does not permit it. |
pctek (84) | ||
| 829775 | 2009-11-13 07:06:00 | :lol: www.imagef1.net.nz |
jwil1 (65) | ||
| 829776 | 2009-11-13 07:32:00 | We covered this when I was studying. I think from memory, between the whole class we only came up with 2 sites that validated, not even our lecturer's own site, and he was teaching us HTML. | gary67 (56) | ||
| 829777 | 2009-11-13 07:39:00 | I've been creating and hosting websites for over 8 years. Never had any problems. Stupid scaremongering is, um, scaremongering. | Greg (193) | ||