We are happy to announce that Stripe is now available as a new payment gateway for an even more easier payments! Stripe is a popular payment service provider for eCommerce stores worldwide, and is our payment processor of choice.
We are really happy to be reviewed by the experts at WebsitePlanet.
Web hosting is an interesting term in the sense that nearly everyone has used it at one point or another. And yet, not many people truly understand what web hosting really is, let alone how it works.
This is rather unfortunate, as web hosting is, quite literally, what holds our entire online world together. Knowing the ins and outs of it is certainly not a bad idea.
We’re proud to announce that we have received the Great Uptime Award by HostAdvice. Being anonymously tested by HostAdvice for 2 months, our hosting services have successfully passed their uptime test. It’s a great honor that we are being continuously recognized by different third parties this year. We would like to thank HostAdvice for acknowledging our great uptime and thank our engineers and technical staff for their important contributions.
For all too many companies, it’s not until after a breach has occurred that web security becomes a priority. During my years working as an IT Security professional, I have seen time and time again how obscure the world of IT Security is to so many of my fellow programmers.
An effective approach to IT security must, by definition, be proactive and defensive. Toward that end, this post is aimed at sparking a security mindset, hopefully injecting the reader with a healthy dose of paranoia.
In particular, this guide focuses on 10 common and significant web security pitfalls to be aware of, including recommendations on how they can be avoided. The focus is on the Top 10 Web Vulnerabilities identified by the Open Web Application Security Project (OWASP), an international, non-profit organization whose goal is to improve software security across the globe.
A little web security primer before we start – authentication and authorization
When speaking with other programmers and IT professionals, I often encounter confusion regarding the distinction between authorization and authentication. And of course, the fact the abbreviation auth is often used for both helps aggravate this common confusion. This confusion is so common that maybe this issue should be included in this post as “Common Web Vulnerability Zero”.
So before we proceed, let’s clearly the distinction between these two terms:
Authentication: Verifying that a person is (or at least appears to be) a specific user, since he/she has correctly provided their security credentials (password, answers to security questions, fingerprint scan, etc.).
Authorization: Confirming that a particular user has access to a specific resource or is granted permission to perform a particular action.
Stated another way, authentication is knowing who an entity is, while authorization is knowing what a given entity can do.