IE Vulnerabilities: Are You Part of the Problem?

By now you’re probably familiar with the latest Internet Explorer security issues. If not you can review our previous post on the topic. Over the past few years there have been an increasing number of vulnerabilities in Internet browsers. When these issues occur the blame is always placed with the browser itself. However, there is another party that shares some responsibility. Browsers can only fall victim when they visit a site that has been injected with an exploit. As a webmaster it is your responsibility to protect your site and ensure it cannot be used for malicious purposes.

Although there is no way to guarantee 100% security there are some steps you can take to protect your site.

Use a Reputable Web Host
If you are using a hosting service, ensure that they take security serious and have a solid track record. Your host will be solely responsible for numerous configurations and preventative measures. If your host doesn’t provide adequate security your efforts will be worthless.

Validate Collected Data
Data collection forms are commonly used to inject scripts into sites. All data collected from contact forms, the ordering process or other methods should be validated before it is stored in a database.

Update Applications
If you use applications on your site such as WordPress or ZenCart, ensure these applications are patched and updated on a regular basis.

Properly Secure Your Files
Each file on your site should have the minimum security settings needed for it to complete its function. The physical location of the files on your web server should also be evaluated. As files age and new pages are created ensure your security structure is maintained.

Back Up All Content
Backing up your files regularly may not help prevent an attack on your website but if the unthinkable happens you will be able to restore your site

Protect Passwords
The final point to cover when discussing security is the password. Passwords should be strong, meaning they contain a mix of letter, numbers, capitalization, and other symbols. If you have several key areas and functions on your site you may want to consider separate passwords. Passwords should also be changed on a regular basis.