Security in Web Applications

Have you protected your site enough? Use OWASP for your guidelines on how to protect yourself.

Written by Jonathan "JD" Danylko

As developers code their applications, they should immediately think about security in their design right from the get-go.

However, if it's a legacy system and you don't have the luxury of building security into the design, you need to play "little Dutch boy" and plug the existing holes in your application (I know, I know... you probably don't have any holes in your code, but humor me...).

There is a document that helps with this by identifying the most common ways to hack a web site:

OWASP Top 10 for 2010 (on their Wiki)

The OWASP acronym stands for the Open Web Application Security Project. Even though this list is from 2010, I would imagine these problems are still relevant and still a problem as we come to the close of 2011.

Some good news for ASP.NET developers: Troy Hunt is doing a 10-part series on how to protect yourself as a .NET developer from these top ten security issues of 2010. These posts are very detailed and he has done a fantastic job on them. Good reading material for .NET developers.

He's currently on Post #9, but stay tuned for #10 soon.

UPDATE:
I DID find a post for the PHP developers about OWASP security precautions.

Are there any other ones out there addressing other languages besides PHP and .NET? Enter a comment below.

Jonathan "JD" Danylko is an author, web architect, and entrepreneur who's been programming for over 30 years. He's developed websites for small, medium, and Fortune 500 companies since 1996.

He currently works at Insight Enterprises as an Architect.

When asked what he likes to do in his spare time, he replies, "I like to write and I like to code. I also like to write about code."