Top 5 Security Concerns for Web Designers

Top 5 Security Concerns for Web Designers

Designing and building a website is no easy task in a time when there are many unscrupulous individuals who dedicate their lives to hacking into what you are trying to build. So, much like a building with information in it needs to be secured from all angles (enter: security guards), so does your website.

Here, we’ll review several critical things that you need to look out for in the web design process in order to prevent future security issues, and to ensure that your own virtual security guards in place.

Security Concerns for Web Designers

1. Cross Site Scripting (XSS)

Many people would say that this is the most risky of website security issues. In fact, according to, “In one recent study, 75 percent of U.S. government websites were found to be vulnerable to XSS attack.”

So what is XSS? According to Warren Wojnowski, “Cross site scripting can allow hackers to execute scripts in the victim’s browser which can then allow them to hijack user sessions, deface your web site, or redirect your user to another (malicious) web site.” Essentially, attackers figure out how to open remote sessions in your user’s browsers and wreak havoc.

2. Take Advantage of Those Upgrades!

Make sure you leverage the hardware and software upgrades available to you—it’s actually quite important. Very often, critical security upgrades go ignored by web designers, making your website more vulnerable. So be sure to stay on top of them.

3. Password Vulnerability

It might surprise you to learn that hackers are still getting the best of us by stealing or guessing our passwords, and in fact, this is one of the biggest security threats to consider when designing your website.

According to Notebook Review,”Of the data breach cases investigated by Verizon Business during 2012, 29% involved exploitation of default or guessable passwords…(and) use of stolen log-in credentials (was at) 24%.”

So make sure you have a system in place for updating your website’s passwords with frequency and originality, making them harder for hackers to guess. Also, review internally the methods for making the passwords less available to those who could actually steal them.

4. SQL Injection

SQL injection has long been the bane of site designers the world over, and isn’t going away any time soon. Wikipedia defines it as “a technique often used to attack data driven applications. This is done by including portions of SQL statements in an entry field in an attempt to get the website to pass a newly formed rogue SQL command to the database.”

ZDNet cites that “The number of SQL injection attacks has jumped by more than two thirds: from 277,770 in Q1 2012 to 469,983 in Q2 2012.” From all accounts, this should be a site designer’s greatest concern. Designer, beware!

5. Consider Your Deployment Process Carefully

The deployment process is one in which great care must be taken. Different configurations from one environment to the next (including development, testing, and live environments) could create new and different security issues you thought you had either tested for or didn’t consider in the first place.

How can you prevent security issues on your site? First, make sure you do a thorough code review before launch—build use cases and thorough scenarios through which testing can run that will attempt to thwart security efforts.

Unfortunately the reality is, as expert Warren Wojonowski cites, “often times you won’t know about your website security risks until you’ve been hacked.”

But there are certainly many steps you can take in order to prevent this from happening, so be sure you and your team are aware of and checking for as many of the risks you can both in the design and development phases of your website. Then conduct an extremely exhaustive testing process prior to site launch. While this isn’t foolproof methodology, every effort counts—the more roadblocks you have in place for hackers, the better.

10 Responses to “Top 5 Security Concerns for Web Designers”

  1. Mitchelle says:

    I have special interest with SQL. It hasn’t been that long since I started dealing with software and stuff and knowledge on web breakthroughs is really very important.

  2. Great post. I’m really glad of this article which helps me more, keep sharing.

  3. Jessica says:

    That is a good piece of info. Thanks for informing. I didn’t see it before anywhere. Thanks a lot!!!

  4. Jessica says:


    Thanks for sharing this list to everyone. I’m very glad I surf on this webblog and saw this great blog list.Thank you so much,,,,!

  5. Nice post as I was not aware of the threats, so now by reading your article I will make changes for better security.

  6. Josh says:

    I never knew SQL can be use to get account logins of the website. Your post have given me such insights! Thanks. 🙂

  7. Evan says:

    That is a good piece of info. Thanks for informing. I didn’t see it before anywhere. Thanks

  8. jajdke says:

    Thanks for sharing this list to everyone. I’m very glad I surf on this webblog and saw this great blog list.

  9. volkan says:

    I think most important one is SQL injection.
    Designers, beware!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.