In an earlier article, I discussed the importance of (X)HTML validity testing to check that your site conforms to industry web standards to better ensure that your website will appear as it should with all browsers, present and future. I also emphasized that just checking your site with different browsers is not enough. However, it still needs to be done.   Whether we are working on one of our websites or a client website, we always tested the finished product with different browsers: Microsoft Internet Explorer (MSIE), Firefox, Google Chrome, Safari, and Opera. We test on different resolution monitors, and we also test on differentRead More →

What is (X)HTML validation, and is it important? Validation is to ensure that the HTML markup is correct, using a third party validation service or application. The accepted industry standard is the W3C Markup Validator Service.   Ensuring that your HTML is valid is important. For example, validators ensure your HTML markup tags are properly closed and nested. This is crucial to ensure that your web page and web site looks the way it was intended to your audience (web surfers) regardless of the browser they are using. Your website needs to be consistent in look and feel. Making the HTML valid goes a longRead More →

I am still surprised that people today still post their email addresses publicly – for example, posting an email address as a contact method on their website. Bad idea, unless you are okay with your mail box being filled with spam. Why? Because there are unscrupulous spiders out there that have nothing else better to do but search the web for email addresses. Why? So the person(s) responsible can harvest email addresses that they personally spam, or sell to third parties to spam. Either way, you will be spammed.   What’s the solution you ask? One: do not post your email address in a wayRead More →

If you run a paysite, then more than likely you use a third party payment processor to collect payments. They process credit cards, allowing you to accept payments from clients. The number of payment processors is large and varied. However, a common mistake made by many webmasters is to use just one processor. This has a potential for problems. Why, you ask? Albeit rare, processors have been known to fail. To go out of business. Or, restructure, and phase out processing for certain goods and services: often at the whim of the credit card companies. We saw this in the 90’s and early 2000’s whenRead More →

Is your site mobile ready? By that what I mean is your website designed to be mobile friendly? Does it look good on a desktop and on a mobile device (iPhone, iPad, Android, etc.). It matters because more and more people are surfing web using mobile devices – and not just while on the run, but from the comfort of their living room or office. This is especially true for the younger demographic. Unlike what some are saying, PCs and laptops are here to stay despite lagging sales. However, mobile devices are catching up, so you need to ensure that your site appeals and worksRead More →

I am taking part in the Great Cycle Challenge this June to fight kids’ cancer! Because right now, 1,400 children are diagnosed with cancer across Canada every year. Kids should be living life, not fighting for it. So I am raising funds to help these kids and support SickKids Foundation to continue its work in developing treatments and finding a cure for childhood cancer.   I am dedicating this ride to Kevin Abrams. Kevin, my nephew, died of brain cancer at the age of nine in 1985 after a long but brave battle. Barely a day goes by that I don’t think about the littleRead More →

A common and frequent mistake made by many webmasters is not to keep their scripts up-to-date. What are scripts? Scripts are web-based applications (apps) – typically written in PHP and CGI-Perl, but also Python, ASP, Ruby on Rails, etc. This can be a critical mistake.   You could expose your web server, website, and users to security vulnerabilities. Vulnerabilities are commonly discovered in apps. Sometimes they arise from changes in the app code from a previous update, or were missed and only just discovered due to recent exploits by hackers who discovered the vulnerability. Sometimes they arise from changes/updates in the underlying framework: web server,Read More →

In the previous security article, I discussed FTP security. This time around, I will discuss hardening your Secure Socket Shell.   SSH is a network protocol that provides administrators and webmasters with a secure way to access a server using a client like Putty or SecureCRT, to name but two.   People tend to take SSH for granted. They see the “Secure” in SSH and assume protocol is hardened by default. Not so. SSH is vulnerable if not properly set up. This is a big problem, because SSH allows access to the server, which allows the user command-line access. A hacker with command-line access could wipe theRead More →

What follows are a series of articles discussing website security, and how to make your website more secure. Before there was the Web, there were hackers. Hackers have always been in the mix, and the birth of the World Wide Web provided hackers another playground to spoil. But if one is careful and vigilant, one can defend oneself against hackers. This first article will focus on FTP security.   It is of critical importance to maintain FTP security in order to prevent unauthorized access by third parties like hackers. If a hacker gains access to your FTP server, they can cause many problems:   1.Read More →

Welcome to the Password Sentry Webmaster Blog. This is our first post. We will be posting on a regular basis, featuring articles related to Password Sentry (of course). We will also be posting articles of interest to webmasters, whether you are a Password Sentry user or not. All things to all webmasters. We will also be recruiting guest bloggers in the industry to post helpful and insightful articles. So, this blog will be definitely be worth bookmarking. Stay tuned.Read More →