Tag: Website Security

Top 3 Reasons to Add HTTPS to Your Business Website

Top 3 Reasons to Add HTTPS to Your Business Website

Today I am going to list the top 3 reasons you should be using HTTPS on your business or personal websites, I won’t go very deep in the technical details of HTTPS or the way encryption works and keeps communication between your browser and server secure and private. This article focuses very brief about HTTPS and the top reasons you should use SSL protocol or HTTPS over the old http for your website.

Why chose HTTPS over HTTP

What are the benefits of using HTTPS vs. HTTP?

1. It helps with the security of Your website: The https protocol scrambles the data say any input you make in browser or request any page from server while browsing website/ web apps so that it can’t be seen or read by any one between your Browser and Server. For example every request you make from your browser goes to server via your internet service provider or ISP which can tap in to the content been transmitted. Thus it’s secure to use https and not http which transmits information in plain text to server.

Google’s experts says even if you don’t ask for sensitive information on your business website even than you should be using HTTPS to protect users privacy and any exchange of information between your website’s users and you. So HTTPS will help you with the security of your users and server.

2. HTTPS is good for SEO and helps you rank higher: Experts from SEO industry has confirmed that having a Secured site (Using HTTPS) helps your website rank higher in Search results by search engines. Google loves and gives priority to websites using SSL/ HTTPS over the http protocol. So if you are a business website owner and is focusing to get your website rank good in search engines setup HTTPS on your website. Recently google search started demoting non https websites in search results and also displays warning in browser address bar.

HTTP Vs HTTPS in chrome browser.

3. Many Advanced Web Technology requires HTTPS: If you are in serious about search result, website visibility and security of your website using HTTPS is must as even many browser features like PWA (Progressive web apps ) & even google’s AMP (Faster and lightweight website framework by google) requires you to have ssl/ https enabled on your website to leverage many features.

To use users location api or send push notification in browser you must use HTTPS as service workers which is required component for PWA to work.

As conclusion if you are still using the http on your website and have not setup https on your website ask your developer/ agency to implement it. My web development agency in patna bihar has started offering free HTTPS support with our website packages to our all customers.

You can use a purchased ssl or free ssl certificate from Let’s encrypt to secure your website. If you are having your website already and want help related to web security server management etc you can always reach me or ask question on my twitter handle (https://twitter.com/xvivek ).

Security of many Bihar Govt. website is vulnerable too much

Security of many Bihar Govt. website is vulnerable too much

bihar-website-securityAs I am a IT geek & Cyber Security consultant I was testing few website’s related to bihar government to measure the security standards and loop holes left with their website. Shockingly I found many of websites related to bihar government and private companies were vulnerable against different types of very common network attacks.

Many of website’s that were developed using .net or asp technology are not even protected for very common SQL injection. SQL Injection is a method to by pass SQL statements and get access to login pages without any user name or passwords. So any person can just type SQL Injection go to Wikipedia website and find the method to get in to the admin area of these website’s database.

With the growing potential of hacking attempts these days and at the moment as companies and government agencies of bihar are not much aware or shows interest about the security of their websites and network it could cause disastrous & fatal issues in coming time.

Some of the website’s are so badly un-secured that the admin areas could be accessed guessing with most common passwords like admin , bihar, mybihar, ilovepatna, mypatna like ID and Passwords. Many of them are using so bad passwords that using Brute force attack one can get in to the emails, admin section of the websites.

However it’s known that IT companies are not using security measures in developing websites & applications also  that Bihar has a lack of local Cyber Security Experts many of the websites related to bihar is on the mercy of a average skilled hacker.  With the growing potential of hacking attempts these days and at the moment as companies and government agencies of bihar are not much aware or shows interest about the security of their websites and network it could cause disastrous & fatal issues in coming time.

In the same time my company Webx99 is continuously trying to provide creative, reliable, productive website solution to our clients  of  Patna, Bihar with the added security layers & penetration tests.  We do all this with the latest technologies & the updated knowledge.

In the coming post I will publish an article about a very common attack and it’s result that shut down the website of a major project’s website of bihar government. Leaving you with the hope that Government & Companies of bihar will took further steps to secure their websites after revealing the issues. Is your website Secured? ask me by dropping your email address for security audit of your website free for my blog readers.

CNLU Website Review, How successful website is?

CNLU Website Review, How successful website is?

Hello every body in day today life woking as a web developer and running a web design company in patna, I often come to websites that are made very un professionally not in terms of design but usability, techniques & other aspects like security etc. I have decided to review few of website that need attention by the developers so that the user of that particular website doesn’t always have to suck finding information.  My intention behind this initiative is to spread awareness and share my knowledge with others

Website of Chankaya National Law University, Patna
Website of Chankaya National Law University, Patna

Today I am going to review the official website of Chanakya National Law University, CNLU Bihar. I will discuss different aspects and describe that points that needs attention of admin of website. Review & Analysis done as the site appeared on 25th of Nov. 2012.

PLATFORM/ TECHNIQUE  USED:

JOOMLA (CMS)  this is good part that university is using Joomla a popular cms to manage and update website content.

 DESIGN/ Layout:

Design is very basic and layout used is very unprofessional. Sitemap & alumni and many other menu has no active link.

SEO

Website’s is not properly optimised for seo as not sitemap and no keyword/ title / description is used for pages which are vital information for SEO friendly websites.

SPEED/ Load Time

Here website sucks and fails as tested with PINGDOM page load time test it shows that the home page is of approx 7mb in size which is worst for slower internet connection user in India  This is due to the un-optimised picture resolution used in slideshow and banners on home page & also in many other pages too.

SECURITY

As far our security test we recommend to upgrade to newer stable joomla 1.5 version or migrate to the latest release.

Over all this website needs attention by the admin to optimize pages and images on the site so that it loads faster and save bandwidth which is wasting at now. We rate this website overall with 5/10 .

The above rating and review is based on my personal view and experience with the website as a visitor and also as a website auditor. Thanks for reading hope the points I mentioned may attract some attention of the admin and the issues may be fixed sooner. You can follow me on social networks find me with my email address vivek.shs[at]gmail.com