The need for website security

Website defacement

You may be developing a simple, straight forward personal website, containing information that’s both public, and easy to back-up, and so implementing proper security measures doesn’t present much interest. However, no matter how simple or low-value your system is, it is definitely not your intention to have it defaced by hackers. Failing to secure your website guarantees that, sooner or late, it will be defaced, if only for the lulz. Happened to me? Oh, yes.

Your website as a phishing site

Once an attacker has some degree of control of your system, your website has the potential of becoming a phishing site. This is so much worse than simple defacement because of the implications, that can escalate to legal issues. Happened to me? You bet.

Compromise of your users’ privacy

(including yours)

An unsecured system puts its users’ private data at risk of being captured by malevolent third parties. For example, an attacker may get hold of user passwords and email from your files or databases (happened to Reddit, no less), and be able to actually read them (happened to Reddit, no less), thanks to your neglect of security. This sort of compromise might do more harm then you think, given the central role of the email address in web security, and the fact that users tend to use the same password on many online services.

Loss of data

The thought of losing 3000+ blog posts that you did not back-up, some of which had great Google PageRank, or having your mailing list disappear, should be incentive enough to mind your website’s security. Not to mention you might have some pretty good scripts there, that you were trying to keep closed-source. Guess what? They’re “open-source” now.

What about losing your users’ data? Even if it’s not sensitive data, such as blog posts and rants on your publishing platform or collective blog, your users might need or miss it.

Other & conclusion

Such as your website being part of a botnet. Or something else not very common or apparent. The bottom line is this: however trivial your system, you need to secure it, unless you enjoy working in vain, having your work stolen or lost, or being made a fool of.

Be the first to rate this article:


Leave a Reply

Your email address will not be published. Required fields are marked *

Allowed HTML tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Subscribe to article comments   Subscribe to all comments