How secure is your website?

Having an online presence for your business is brilliant and a must have for the 21st century, but there is a darker side to this which could leave all your information open to Internet predators.

This article will cover two main hot topics of website security they are SQL Injection and Cross Site Scripting.

SQL Injection

A database driven website is brilliant to keep a dynamic and up to date website with features such as news articles, blogs, forums etc. But what happens when you're not in control of your database anymore? Take for instance a login page, you enter your username and password and this is then checked for results in the database and as long as they are correct they allow you access to the password-protected pages. The database query for this could look something like this:

select * from users where user='adam' and password='qwerty'

Now look what happens if we where to change the password to ' or user like '% the database query now looks something like this.

select * from users where user='adam' and password='' or user like '%'

What this has done is totally bypass the username and password and instead just selected any random user from the users database to login with and your security has now been defeated.

As well as using sql injection to bypass security you can use it to mine information from a website.

Take for example a hotel chain might have a profile on their website for each of their hotels. Each hotel might be accessed using a website address such as:

www.hotelchain.com/hotels/hotel-middleton

When visited this in turn would make a request to the database as follows:

select hotel_id,hotel_name,hotel_info from hotels where hotel_name='hotel-middleton'

Now if we alter the website address we visit to the following:

www.hotelchain.com/hotels/hote' UNION select user,password,email from users where user like 'a%

This would then change the database query to:

select hotel_id,hotel_name,hotel_info from hotels where hotel_name='hote' UNION select user,password,email from users where user like 'a%'

This database query first checks the hotels database for a hotel name of 'hote' which dosen't exist and then checks the users database for any username starting with the letter a. The username,password and email address of the user would they be displayed on the website instead of the hotel information.

XSS (cross site scripting)

cross site scripting is the art of passing expected variables to a website but making them behave in a different manner.

One of the most common xss problems are on login pages where the URL looks something like this:

www.webiste.com/login.php?error=your%20username%20or%20password%20were%20incorrect

And then the text your username or password were incorrect are displayed on the webpage. You can actually change the wording on the website to whatever you like because it just gets the information from the URL.

This problem gets worse when instead if just changing text you start adding Javascript in to the URL so the website will then run commands on the browser. This could be done to steal cookies from your computer, produce a fake login box which would look real to the end user but would in fact be stealing all the usernames and passwords entered into it.

Security is a big problem that often gets overlooked. But as part of our campaign to produce secure websites and give your customers a better web experience we can provide a free 15 minute assessment of your website to see if it has any of the mentioned security problems. We will then report these findings back to you with appropriate solutions to fixing them

So please contact us for a chat about how we could help you with this.