Safest Web Applications And Technologies

Hackers attacks, Spam, Web vandalism... all of these can ruin any site no matter how functional or design pleasing it is. Your page ranks drop, there are less visitors... Not to mention sales what happens to sales in an online store. When designing or re-designing your site you may wonder what is the safest web application for your needs. In order to answer this question consider:
  1. What is the safest technology / scripting language. It should be a popular one so that you can understand it or easily find someone who does. Don't get stuck with an obscure technology because problems are inevitable and you will have to resolve them by adapting your web application and its code. That's why PHP / MySQL is the common choice.
  2. Once you have narrowed your choice to PHP / MySQL applications (or others you are more familiar with) consider whether you should go for an Open Source product or not. Open Source is recommended because it's much stable / secured in the long term. Open source products are scrutinized by large number of professionals and bugs are much faster found and fixed. The so called 0-day attacks are much less dreadful to Open source products because the holes are patched in hours. On the other hand 0-day attacks usually become 0-week (0-month) attacks on closed source products when the solution comes when the vendor decides.
  3. Next you will be looking at particular web applications. The best one should have a strong company / foundation behind it. Then again, it should be popular so that you can easily find solutions to common problems and assistance if needed. Last but not least is to determine how easily you (yes, you with your skills and available time) can manage the application. Try to find out how easy it is to install a third party captha extension, how much time it will take to keep it up to date and create backups. This part is often underestimated and you should know that even the safest web application fails if not maintained properly. Consider Mediawiki software for example. Wikipedia uses it and there is no spam or web vandalism ever. However, if you install a Mediawiki on your site and forget it in a week there will be thousands of malicious 'revisions' rendering it unusable.
Based upon the above aspects let's outline some popular web applications choices for certain needs:
  • secure wiki - Mediawiki is the best supported and maintained open source software. It is easy and fast to update it to the latest version and there are freely available solutions to any kind of problems.
  • secure shop - Megento is sometimes thought as being over-engineered. That's easily understood from first glance - latest version (1.4.2) has 318 MySQL table and 100 MB of code. However, it is the most secure e-commerce solution with distinctive Model-View-Controller design. It is also easily upgradeable (in most cases) and there is an abundance of extensions for any need. Magento is thought to be the hell for intruders (and coders sometimes) while OsCommerce is their playground.
  • secure CMS - Joomla is the best content management system used on about 3% of the most popular Internet sites in the world according to Alexa. It can be easily upgraded and there are extensions for everything. There have been some unpleasant security issues in the past but they have been very fast patched and with the proper measures taken would not have affected your installation. Second choice is WordPress but it is not advertised as CMS exactly but rather as blogging software.
  • secure forum - phpBB with its latest development branch 3 has proven to be stable and reliable for common forum-like website needs. It has had bad reputation in the past but the current branch sands up to its rivals such as vBulletin. Still, if you have extra bucks to spend you may re-consider vBulletin which is easier to maintain and safer with readable code even though not open source.

blog comments powered by Disqus