How to Check whether your website is secure or not?

Hi Guys,can anybody give the answer asked by an interviewer to me "How we will check whether our website is secure or not?"

Questions by mylife   answers by mylife

Showing Answers 1 - 6 of 6 Answers

deepak

  • Jul 25th, 2011
 

Microsoft Internet Explorer displays the lock icon in the lower-right of the browser window
Many SSL Certificate vendors (Verisign, GeoTrust, SSL.com, etc.) also provide a "site seal" to the owners of these web sites.

  Was this answer useful?  Yes

VIVEK SANGANNA

  • Aug 30th, 2011
 

One of the easiest way to know if the web page is secure or not is to notice the padlock at the bottom right hand side of the web page. Once you notice that it means that the page is secure.

  Was this answer useful?  Yes

mithr17

  • Oct 14th, 2011
 

Yes, first visual tests are the padlock and secured protocol (https).
But for thoroughness security testing is your game plan. You can and should tell the interviewer about security testing. If he asks you tell him you have done low-level SQL injections - easiest tutorial at: http://www.securiteam.com/securityreviews/5DP0N1P76E.html

  Was this answer useful?  Yes

At the top of your internet browser , Check if this website address starts with "http://" or whether it starts with "https://".if the page does start with https:// then the website is in a secure area Look for a padlock somewhere in your internet browser. If there is no padlock on the browser somewhere then the page could be unsecure.

If the browser does have a padlock, then it means that the website is secure. NOTE: The padlock is not shown on the website page (as this means absolutely nothing), rather the padlock that youre looking for is somewhere on the browser.Click on the yellow padlock or key icon for an additional check on the level of security.

These icons represent a certificate of authenticity for a website.When you click on the icon, it should display more information about the websites encryption and authentication information. You can click on “View Certificates to see more information about the website and whether it matches with the address being used. Their are two protocols that secure a website - "SSL" (Secure Sockets Layer) and "TLS" (Transport Layer Security). Both of these protocols encrypt information between pages so that if information is "intercepted" by an unauthorized party, the encrypted data is meaningless and useless unless they know have to decrypt the information.

By using SSL or TLS, only the intended recipient has the encryption "key" and can successfully decrypt the information passed to it. SSL and TLS use third party companies such as Comodo, VeriSign or GeoTrust to validate that the website is genuine, provide the encryption and decryption abilities.

  Was this answer useful?  Yes

sudhir

  • Apr 17th, 2013
 

Web Security testing is a very vast topic. There are different levels in it. Fore e.g. DB testing , Protocol testing, Penetration testing, etc.

Simple answer- We should see to it that our data is passed with encryption.
- Better use Post method rather than Get for form submission.
- The site has SSL encryption

  Was this answer useful?  Yes

Give your answer:

If you think the above answer is not correct, Please select a reason and add your answer below.

 

Related Answered Questions

 

Related Open Questions