Security Measures to take into account when designing web sites

(original)

Here are a few measures to secure a web site:

  • Always create at least two network boundaries:
    1. A DMZ (i.e. Front-end machine area)
      • Web servers mainly, but it could have other machines used for communication, as long as:
        • No customer data should be held in this network boundary
        • Machines in this boundary can only talk to a machine on the next level down if that machine does not hold any confidential data (e.g. customer data, partner data, employee data, etc.)
    2. A Back-end machine area (more…)

IIS – Web issue – “Global.asax could not be loaded”

(I had this issue back on 10 April 2006 – original blog entry)

This post is to raise awareness of new security features in Windows XP SP2 and 2003 SP1 that are not always very visible through the different tools (e.g. Internet Explorer, Windows Explorer, …), but can make applications fail silently, without warnings or events being logged. (more…)
