Web Security Introduction

Web security
Web security

What is Web Security

Web security also known as Cybersecurity involves protecting websites or web applications by detecting, preventing and responding to attacks. Websites and web applications are just as prone to security breaches as physical homes, stores, and government locations

What are web threats?

Web threats pose a broad range of risks, including financial damages, identity theft, loss of confidential information/data, theft of network resources, damaged brand/personal reputation, and erosion of consumer confidence in e-commerce and online banking. It is a type of threat related to information technology (IT).

Types of Web Threats

DDoS attacks

These attacks can crash your site entirely, making it inaccessible to visitors.

Vulnerability exploits 

Cybercriminals can access a site and data stored on it by exploiting weak areas in a site, like an outdated plugin.


The attacker replaces your website’s content with malicious content.


Malware is a very common threat used to steal sensitive customer data.


Your site may be removed from the search results page and flagged with a warning that turns visitors away if search engines find malware.

Cross-Site Scripting (XSS)

XSS attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. 

SQL injection attack

An SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).

Directory traversal attack

A directory traversal consists in exploiting insufficient security validation/ sanitization of user-supplied input file names, such that characters representing “traverse to parent directory” are passed through to the file APIs.

How I can protect myself from attack?

An SSL Certificate

This is a basic website security measure, but it’s so important that popular browsers and search engines are now labeling sites without SSL as insecure, which could make visitors suspicious of your site. 

Web Application Firewall (WAF)

A WAF stops automated attacks that commonly target small or lesser-known websites.

Website scanner

A website scanner looks for malware, vulnerabilities and other security issues so that you can mitigate them appropriately. 

Updated Softwares

About Sachin Tiwari 80 Articles
I am a software engineer, and have an interest in web security or cybersecurity, love to learn in website security topic and sharing with others

Be the first to comment

Leave a Reply