Anyone Specialize In Web Security?

by James Liberty 11 replies
Are there any programmers here who specialize in web security? I may need some work done... but I'm sure that other Warriors would like to know as well.
#main internet marketing discussion forum #security #specialize #web
Avatar of Unregistered
  • Profile picture of the author Jim Stone
    Hey, I'd like to know as well. I'm developing a hosted web service and could use some advice from someone who lives and breathes security.

    Jim
    {{ DiscussionBoard.errors[149763].message }}
  • Profile picture of the author pjs
    Originally Posted by James Legacy View Post

    Are there any programmers here who specialize in web security? I may need some work done... but I'm sure that other Warriors would like to know as well.
    Feel free to PM me any questions you may have. I have nearly a decade in the internet / security / sysadmin / programmer field. I've worked, or consulted for, global organizations on various projects.

    I still do contracts here and there, but I have to be honest... I charge way more than "normal people" want to pay (but I always over deliver).

    I would be happy to answer any questions though..

    Peter
    Signature
    Mom and Pop Money WSO *** - How ONE Lead Capture Page Made $9K in 2 Weeks in the "Offline" niche!

    PeterSanchez.com >>> FollowPeter.com (Twitter)
    {{ DiscussionBoard.errors[149889].message }}
  • Profile picture of the author AgileHosting
    I'd be happy to help as well! I do Linux/cPanel servers only though. (You know, 'Do one thing and do it right', LOL!) Drop me a PM or email anytime.

    Bailey
    Signature

    Guacamole.

    {{ DiscussionBoard.errors[149897].message }}
  • Profile picture of the author James Liberty
    Only two programmers in this entire forum understand web security, eh?
    {{ DiscussionBoard.errors[169881].message }}
    • Profile picture of the author Steven Fullman
      Originally Posted by James Legacy View Post

      Only two programmers in this entire forum understand web security, eh?
      There are more. What do you have in mind?
      Signature

      Not promoting right now

      {{ DiscussionBoard.errors[170200].message }}
  • Profile picture of the author samstephens
    I've had a lot of experience in web security - what kind of thing did you have in mind?

    cheers
    Sam
    Signature
    DLGuard v5 - The Warrior Edition
    Full integration with JVZoo, DigiResults, and WSO Pro for secure WSO's and WSO memberships.

    www.dlguard.com
    Serving the Warrior Forum since 2004
    {{ DiscussionBoard.errors[170196].message }}
  • Profile picture of the author TheRichJerksNet
    What do you need ??

    James
    {{ DiscussionBoard.errors[170255].message }}
  • Profile picture of the author James Liberty
    Well, first I'd like to know if there are any Warriors who specialize in web security. I'm looking for someone to lock-down my site... and I'm sure that other Warriors would like to know who can help them with this as well.
    {{ DiscussionBoard.errors[170431].message }}
    • Profile picture of the author TheRichJerksNet
      Originally Posted by James Legacy View Post

      Well, first I'd like to know if there are any Warriors who specialize in web security. I'm looking for someone to lock-down my site... and I'm sure that other Warriors would like to know who can help them with this as well.
      Well I did write the eBook on how to secure wordpress..

      I will need specific details sent to me in PM to know exactly what you need.

      James
      {{ DiscussionBoard.errors[170434].message }}
      • Profile picture of the author Steve Steinitz
        Hello,

        Security is an ongoing process. A site is never secure, rather, it is more or less secure -- it has a degree of security. On a shared server, I like to start with some basic protection via .htaccess. On a dedicated or VPS server, similar with httpd.conf. If you would like to test the water with a small undertaking like that, feel free to get in touch.

        If we had fun doing that, we could do some more.

        I don't 'specialize' in web security. Instead, I am a software developer with a vested interest in web security and consider security and backing-up part of modern-day literacy.

        I've co-developed a web-site tracker which also identifies and blocks many 'bad robots', spammers and hackers. So far, only the two of us use it, but who knows...

        Steve
        Signature

        {{ DiscussionBoard.errors[171123].message }}
    • Profile picture of the author imtechsupport
      Originally Posted by James Legacy View Post

      Well, first I'd like to know if there are any Warriors who specialize in web security. I'm looking for someone to lock-down my site... and I'm sure that other Warriors would like to know who can help them with this as well.
      Well, as Steve pointed out, security is an ongoing process. You may 'lock down your site' today, and tomorrow some hacker finds another security hole in Wordpress, or a buffer overflow exploit in Apache, or a security hole in MySql, and as news spreads, your site will be attacked dozens of times from hackers in 10 different countries, but I digress ...

      The most difficult part about security is staying on top of new threats. Almost all of the current known security holes have been patched or worked around. Maintainers of different software (e.g. Wordpress) tend to keep abreast of security threats in their own software, and patch and release accordingly. So one aspect of security is to regularly update any platform software you use.

      Another difficult aspect of security is that making something secure (i.e. a shared hosting site) also introduces a level on inconvenience to the updater/maintainer. For this reason, the default settings for a lot of software errs on the side of ease-of-use rather than military grade security. This is not an easy problem to solve, and solutions will always have some compromise.

      For example, you said that you wanted to 'lock down your site'. Well, if you give me administrator access to your site, I could make it so that no-one (including you) could ever make any changes to your site again until I 'unlocked' it. But that is probably not very convenient for you. You may want to add further content, or allow visitors to your site to add comments or ratings. This may render your site less valuable, functional or useful, but it *would* meet your criteria of being locked down.

      Perhaps if you shared some details on what software platform you are using/planning to use, and what level of access your host provides you with, I can give you a more targeted answer to your question.

      Regards,

      Ian
      {{ DiscussionBoard.errors[173245].message }}
Avatar of Unregistered

Trending Topics