Menu Search
Jump to the content X X
Smashing Conf New York

We use ad-blockers as well, you know. We gotta keep those servers running though. Did you know that we publish useful books and run friendly conferences — crafted for pros like yourself? E.g. upcoming SmashingConf New York, dedicated to smart front-end techniques and design patterns.

Posts Tagged ‘Security’.

We are pleased to present below all posts tagged with ‘Security’.

Legal Guidelines For The Use Of Location Data On The Web

Location-based services are growing in popularity every day, and beacon-based services are tipped to be the advertising goldmine of 2016. You may already be using location data and beacons to enhance your users’ experience with your websites, apps and wearables. However, the use of location data is not without limits.

A simple opt-in screen

Developers must become aware of international privacy laws, as well as industry codes of self-regulation, that govern its usage. Following laws and codes, while also adhering to best practice principles through frameworks such as privacy by design (PbD), will ensure public trust in your app as well as in your services as a developer.

Read more...

Getting Ready For HTTP/2: A Guide For Web Designers And Developers

The Hypertext Transfer Protocol (HTTP) is the protocol that governs the connection between your server and the browsers of your website’s visitors. For the first time since 1999, we have a new version of this protocol, and it promises far faster websites for everyone.

Getting Ready For HTTP/2: A Guide For Web Designers And Developers

In this article, we’ll look at the basics of HTTP/2 as they apply to web designers and developers. I’ll explain some of the key features of the new protocol, look at browser and server compatibility, and detail the things you might need to think about as we see more adoption of HTTP/2. By reading this article, you will get an overview of what to consider changing in your workflow in the short and long term. I’ll also include plenty of resources if you want to dig further into the issues raised.

Read more...

Eliminating Known Vulnerabilities With Snyk

The way we consume open source software (OSS) dramatically changed over the past decade or two. Flash back to the early 2000s, we mostly used large OSS projects from a small number of providers, such as Apache, MySQL, Linux and OpenSSL. These projects came from well-known software shops that maintained good development and quality practices. It wasn’t our code, but it felt trustworthy, and it was safe to assume it didn’t hold more bugs than our own code.

Eliminating Known Vulnerabilities With Snyk

Fast-forward to today and OSS has turned into crowd-sourced marketplaces. Node’s npm carries over 210,000 packages from over 60,000 contributors; RubyGems holds over 110,000 gems, and Maven’s central repository indexes nearly 130,000 artifacts. Packages can be written by anybody, and range from small utilities that convert milliseconds to full-blown web servers. Packages often use other packages in turn, ending with a typical application holding hundreds if not thousands of OSS packages.

Read more...

Why Passphrases Are More User-Friendly Than Passwords

A user’s account on a website is like a house. The password is the key, and logging in is like walking through the front door. When a user can’t remember their password, it’s like losing their keys. When a user’s account is hacked, it’s like their house is getting broken into.

Why Passphrases Are More User-Friendly Than Passwords

Nearly half of Americans (47%) have had their account hacked in the last year alone. Are web designers and developers taking enough measures to prevent these problems? Or do we need to rethink passwords?

Read more...

P Vs. NP: The Assumption That Runs The Internet

Let’s get a few things out of the way first. This isn’t your regular Smashing Magazine article. It’s not a “how to“; it won’t show you how to build a better menu or improve your project tomorrow. This article shows you how a core problem in computer science works and why we're all pretending we know something for certain when we really have no idea.

P Vs. NP: The Assumption That Runs The Internet

You’re looking at Smashing Magazine right now because you’re standing on the shoulders of a giant assumption called "P versus NP". It’s a math problem that protects governments, runs the Internet and makes online shopping possible.

Read more...

Are You Prepared Against A Hack?

“Danger: malware ahead!” and “This website may harm your computer” are the two sentences that I hate most and that I don’t want any of my clients to see when they open their website. If you have seen any of them on your own website, then I’ll bet you still remember your panic attack and how you struggled to get your website up and running ASAP.

hacking

Many great articles show how to prevent a website from being hacked. Unfortunately, unless you take it offline, your website is not and will never be completely unhackable. Don’t get me wrong, you still need to take preventive measures and regularly improve your website’s security; however, responding accordingly if your website does get hacked is equally important. In this article, we’ll provide a simple seven-step disaster-recovery plan for WordPress, which you can follow in case of an emergency. We’ll illustrate it with a real hack and specific commands that you can use when analyzing and cleaning the website.

Read more...

Proper WordPress Filesystem Permissions And Ownerships

When people talk about WordPress security, file permissions and ownership are usually the last thing on their minds. Installing security plugins is a good practice and a must for every WordPress website. However, if your file-system permissions aren’t set up correctly, most of your security measures could be easily bypassed by intruders.

Proper WordPress Filesystem Permissions And Ownerships

Permissions and ownership are quite important in WordPress installations. Setting these up properly on your Web server should be the first thing you do after installing WordPress. Having the wrong set of permissions could cause fatal errors that stop your website dead. Wrong permissions can also compromise your website and make it prone to attacks.

Read more...

Avoiding Pitfalls A Comprehensive Guide To Firewalls

In the construction industry, a “firewall” is a specially-built wall designed to stop a fire from spreading between sections of a building. The term spread to other industries like car manufacturing, and in the late 1980s it made its way into computing.

A Comprehensive Guide To Firewalls

On one side of the wall is the seething electronic chaos of the Internet. On the other side is your powerful but vulnerable Web server. These computer firewalls are actually more like fire doors because they have to let some stuff through.

Read more...

Security Common WordPress Malware Infections

WordPress security is serious business. Exploits of vulnerabilities in WordPress’ architecture have led to mass compromises of servers through cross-site contamination. WordPress’ extensibility increases its vulnerability; plugins and themes house flawed logic, loopholes, Easter eggs, backdoors and a slew of other issues. Firing up your computer to find that you’re supporting a random cause or selling Viagra can be devastating.

WordPress Security

In WordPress’ core, all security issues are quickly addressed; the WordPress team is focused on strictly maintaining the integrity of the application. The same, however, cannot be said for all plugins and themes.

The focus of this post is not to add to the overwhelming number of WordPress security or WordPress hardening posts that you see floating around the Web. Rather, we’ll provide more context about the things you need to protect yourself from. What hacks are WordPress users particularly vulnerable to? How do they get in? What do they do to a WordPress website? In this lengthy article, we'll cover backdoors, drive-by downloads, pharma hack and malicious redirects.

Read more...

↑ Back to top