Written by:
Leo Hoogma
What do we actually do all day at Hoogma Webdesign? What exactly do you pay for, if you have a HWCMS website? These are some of the questions that (future) customers ask us from time to time. We like clarity, and are happy to give you a glimpse into a day at the kantoor van Hoogma Webdesign.
Following the latest tech news
Like many people, we read like the latest news. You used to do that via the newspaper, but nowadays the latest news can often be found online. In any case, we as IT specialists prefer to be online, you will understand that. Not only do we follow the mainstream news, but we also especially follow the events in the field of online security and new tricks of hackers, with which they try to crack systems.
By the way, did you know that there is a difference between hackers and crackers? And then there are the white hat hackers... Be sure to delve into this if you find it interesting.
So we like to stay informed. Cyber criminals do not sit still, and are constantly inventing new ways to crack systems and gain access to websites and online data, such as databases. With all its consequences. Because how often do we hear about another massive hack that affects a lot of people?
We wouldn't be a good IT company if we left security to automated systems. That's why we make sure we stay informed. We watch over the security of your HWCMS website, so that you can continue with other things if a major hack has been carried out again, because it won't bother you after all.
Here we discuss two online dangers that we monitor and anticipate immediately. Of course there are many more risks online, but in order not to get bogged down in - boring - technical details, we will first limit ourselves to these two vulnerabilities, so that you can get a better understanding of what we do, and how we anticipate certain dangers.
Cross-site request forgery or CSRF
CSRF is a fairly new online vulnerability. In this type of attack, you inadvertently click on a dirty link while you are logged in to a trusted website. For example, the website of your bank, or of your website management system HWMCS. The link looks like a reliable link, thanks to the good disguise designed by the attacker. When you click on the malicious link, the sender of this link can send requests within your followed environment without authentication problems. Because you yourself, when you logged in, gave the verification and a valid login session was started.
As a web designer and IT specialist, we will of course not let that happen. At Hoogma Webdesign we ensure that a unique code is requested at all times. If the sender of a request cannot provide this code, the request will not be executed. This unique token is encrypted and is automatically regenerated every few minutes. For example, CSRF, also known as session-riding, is prevented thanks to our intervention.
My SQL-injections
Another known danger is injection of SQL, or Structured Query Language. This is possible if you don't protect this and can allow a `bad guy` to access your database. These injections can be given through web forms, for example, or via the URL of a website. When the database receives a request with, for example, login name and password, this request is checked. But if this is not secured, a malicious person can easily bypass the password and still enter the database. The great danger is that they can see and download all data, without you having to notice it.
New tricks are constantly being invented and tried for this, which is why we also monitor this and ensure that we stay informed of the latest security techniques and of course writing our own scripts to prevent attacks by cyber criminals.
In addition, we do a lot more to make your website run at its best; secured, responsive and according to the latest techniques. We are happy to assist our customers when they have a question about our system or our services. And then we also make videos.
The possibilities with a HWCMS website
To help HWCMS users get started and to answer the most frequently asked questions, we have a YouTube channel with instructional videos. If you subscribe to this subscribe, you will be the first to hear that there is a new video is online. Do you already know what is possible with HWCMS? Discover it on our website or in our videos.
Would you like to read more blog posts? Go to the page Blog.