Helping ordinary people create extraordinary websites!
| |
Helping ordinary people create extraordinary websites! |
Testing Your Forms for Hijacking VulnerabilityBy Will Bontrager2005-10-07 
Why Should I Test?
Because hijackers send their spew from your server. Because you could get on blacklists that are very hard to get off of. Because you could lose your hosting account. Because your hosting company could shame you. Yes, there is a hosting company that lists the domain names of those who have had their forms hijacked. I don't know whether or not they're doing it to shame their customers, but can you imagine what kind of public relations damage that could do? Take a look at http://www.hosting.io/ — they've had a red type on black background notice published on their front page for over a week, in the middle of the page when it first loads, publicly naming two domains they suspended because the domains had their forms hijacked. Hosting companies don't like insecure forms. A hijack can land the IP address or even range of IP addresses into serious blacklisting trouble, requiring many hours of otherwise productive wages to repair. Ask yourself, does your hosting company need you so badly that they would overlook it or just serve you a wink if one of your forms were hijacked? Nowadays, it is essential to have secure forms. Otherwise, you are constantly in danger of being exploited. Tutorial Pages: » Testing Your Forms for Hijacking Vulnerability » Want To Skip Testing? » Is a Spammer Spider On the Loose? » Why Should I Test? » Won't Spammers Use this Article To Find Vulnerable Forms? » How Do I Test? » Now What? Copyright 2004 Bontrager Connection, LLC
|
 |