Protecting your HTML and PHP Source Code

Written by Vince Edwards

There are many reasons now as a web designer, software programmer or website owner that you may want to start consideringrepparttar safety of your HTML or PHP source code. Some related reasons are:

1. Email Address theft – Have you ever wondered how you get SPAM mail even though you’ve been super cautious NOT to subscribe to anything, yet it still comes your way? One ofrepparttar 132017 reasons could be that you have your EMAIL link on a website. With email harvesting software available (even for free trials) anyone can harvest your email address right off your website automatically. 2. Picture Theft – Most average users are aware that you can right-click pictures on a website and download them to their own computer. It is common knowledge for most internet users and webmasters. 3. Return URLs – For some credit card processing companies (such as PAYPAL and EGOLD) it is possible to viewrepparttar 132018 source of web pages and look atrepparttar 132019 return (thanks for purchasing) page, where you can directly go torepparttar 132020 URL, click onrepparttar 132021 link to downloadrepparttar 132022 software without paying for it 4. Website Layout - If a Webmaster likes your site, they can save outrepparttar 132023 page (and structure) and edit it in their own HTML editor software and claimrepparttar 132024 design layout for themselves 5. PHP Scripts - If you have a clever script (i.e. written in PHP) and you need to send it to someone, they could easily have a look at your PHP script to see how you did it. They can then copyrepparttar 132025 code or re-write it slightly and call it their own Or use it for their own PHP software and scripts.

These are just some ofrepparttar 132026 reasons why you need to consider encrypting your web pages or source code. Encryption of web pages and source code is becoming more and more popular and inrepparttar 132027 future will become an absolute necessity. We can now see a huge market (onrepparttar 132028 web) of HTML encryption software that enables you to protect your source code from prying eyes. Although HTML encryption is not 100% foolproof, it is effective enough to keep out MOST users and acts as a good deterrent, since not everyone hasrepparttar 132029 time to decipher encrypted HTML source just forrepparttar 132030 fun of it.

Strong Passwords

Written by Lew Newlin

Strong passwords are your first step in securing your systems. If a password can be easily guessed or compromised using a simple dictionary attack, your systems will be vulnerable to hackers, worms, Trojans, and viruses.

Trojan, virus, and worm authors have had great success attacking systems with weak and/or default passwords. Take IRC/Flood Trojan for example. McAfee’s virus profile states that IRC/Flood has over 120 variants and has infected over 60,000 machines inrepparttar last 30 days. IRC/Flood succeeds by checking for 22 different different easy to guess admin passwords (variants vary). Unfortunately, there are a lot more where IRC/Flood came from, W32/Tzet.worm, W32/Random.worm, and W32.HLLW.Gaobot.gen are inrepparttar 132015 wild just to name three.

Hackers also have no problem compromising systems with weak passwords. Programs like L0pthCrack for example makerepparttar 132016 process simple and efficient. Creating a password-cracking dictionary is not even a challenge. Typerepparttar 132017 words "Creating Password Cracking Dictionaries", withoutrepparttar 132018 quotes, in to your favorite search engine. A comprehensive dictionary can be downloaded or created from scratch in short order.

Below is a list of commonly used weak passwords that should NEVER be used. If any of these passwords look hauntingly familiar and are being used, you need to changerepparttar 132019 password immediately.

Alpha< d> Weak Passwords< d> < r>
A< d> a, A.M.I, A52896nG93096a, aaa, aammii, abc, abcd, academia, academic, accept, access, ACCESS, account, accounting, action, adam, ADAMS, adfexc, adm, admin, ADMIN, Admin, admin2, administrator, Administrator, adminttd, ADMN, admn, adrian, adrianna, adtran, adult, Advance, ADVMAIL, aerobics, alfarome, ALFAROME, ALLIN1, ALLIN1MAIL, ALLINONE, aLLy, ALLy, alpha, AM, AMI, AMI!SW, AMI.KEY, AMI.KEZ, AMI?SW, AMI_SW, AMI~, AMIAMI, AMIDECOD, amipswd, AMIPSWD, AMISETUP, anicust, anon, anonymous, any@, ANYCOM, AP2SVP, aPAf, APL2PP, APPLSYS, APPS, AQDEMO, AQUSER, ARCHIVIST, Asante, ascend, Ascend, asdf, asdfgh, at4400, attack, AURORA$ORB$UNAUTHENTICATED, AURORA@ORB@UNAUTHENTICATED, autocad, AUTOLOG1, Award, award, AWARD?SW, AWARD_SW, awkward < d> < r>
B< d> BACKUP, BATCH, BATCH1, BATCH2, bbs, bciim, bciimpw, bcms, bcmspw, bcnas, bcnaspw, bell9, BIGO, bin, bintec, BIOS, BIOSPASS, biosstar, biostar, Biostar, BIOSTAR, BLAKE, blue, bluepw, boss, BRIDGE, browse, browsepw < d> < r>
C< d> c, cablecom, cable-docsis, CAROLIAN, cascade, CATALOG, cc, CCC, ccrusr, CDEMO82, CDEMOCOR, CDEMORID, CDEMOUCB, central, CHANGE_ON_INSTALL, changeme, checkfs, checkfsys, checksys, CHEY_ARCHSVR, circ, cisco, Cisco router, CLARK, client, CLOTH, cmaker, CMSBATCH, CMSUSER, CNAS, COGNOS, Col2ogro2, comcomcom, COMPANY, Compaq, Compleri, computer, CONCAT, condo, CONDO, Congress, CONV, CPNUC, CPRM, cr0wmt 911, craft, craftpw, Crystal, CSPUSER, CTX_123, CTXDEMO, CTXSYS, cust, custpw, CVIEW < d> < r>
D< d> d.e.b.u.g, d8on, daemon, Daewuu, Database, databse, DATAMOVE, Daytec, DBSNMP, DCL, DDIC, death, debug, DECMAIL, DECNET, default, DEFAULT, Dell, DEMO, demo, DEMO1, DEMO8, DEMO8, demos, deskalt, deskman, desknorm, deskres, DESQUETOP, dhs3mt, dhs3pms, diag, diamond, DIGITAL, DISC, disttech, D-Link, dn_04rjc, dni, DS, DSA < d> < r>
E< d> EARLYWATCH, echo, EMP, enable, eng, engineer, enquiry, enquirypw, enter, ESSEX, EVENT, Ezsetup< d> < r>
F< d> fal, FAX, fax, FAXUSER, FAXWORKS, FIELD, field, FIELD.SUPPORT, FINANCE, FND, foobar, friend, ftp< d> < r>
G< d> g6PJ, games, ganteng, GATEWAY, GEN1, gen1, GEN2, gen2, glftpd, gnumpf, god, godblessyou, gonzo, gopher, GPLD, gropher, guessme, guest, GUEST, Guest, guest1, GUESTGUE, guestgue, GUESTGUEST< d> < r>
H< d> h6BB, hacker, halt, HARRIS, hax0r, HELGA-S, HELLO, hello, HELP, help, HELPDESK, HEWITT RAND, hewlpack, HLT, home, Home, HOST, HP, hp, HPDESK, HPLASER, HPOFFICE, HPOFFICE DATA, HPONLY, HPP187, HPP187 SYS, HPP189, HPP196, HPWORD PUB, hydrasna < d> < r>
I< d> I5rDv2b2JjA8Mm, ibm, IBM, ibmcel, ihavenopass, ILMI, inads, indspw, INFO, informix, INGRES, init, initpw, install, Internet, IntraStack, IntraSwitch, INTX3, INVALID, IPC, IS_$hostname, ITF3000, iwill < d> < r>
J< d> j09F, j256, j262, j322, j64, JDE, Jetform, JONES< d> < r>
K< d> kermit, kiddie, komprie, ksdjfg934t< d> < r>
L< d> l2, l3, laflaf, lantronix, LASER, LASERWRITER, last, lesarotl, letacla, letmein, LIBRARY, lineprin, LINK, lkw peter, lkwpeter, LKWPETER,

Cont'd on page 2 ==> © 2005
Terms of Use