Security

How do I convert my site to SSL and HTTPS?

The topic of data security is becoming increasingly important for both private users as well as in the business world. As a website owner, you should take all the necessary precautions to ensure that a visit to your site is as secure as possible. Converting from HTTP to HTTPS or SSL is an important step in securing your website and gaining your customers’ trust.

Server Name Indication

What is server name identification, really? Encryption technologies play a big role when it comes to surfing on the net. Credit card data and other personal information must not fall into the hands of criminals. For now, TLS is one of the protocols used for this purpose. But it has a disadvantage: it only functions when each IP address only hosts one domain. If multiple virtual services are...

Browser fingerprints: tracking without cookies

In recent years, so-called browser fingerprinting has established itself as a tracking method that doesn’t rely on the use of cookies. Web servers capture different characteristics from visitors’ browsers and determine their digital fingerprint based on them. They enable visitors to be recognised at a later date. While some information is automatically transmitted, it is mainly active elements...

Intranet | Secure internal data exchange

An intranet provides secure access to web applications within a corporate network for employees. With so-called firewalls and other security technologies, a company can ensure that no unauthorised persons can access the company’s intranet from the publicly-accessible internet. You can use web-like applications within an intranet and adapt your internal network individually to the needs of your...

Click fraud: how to out fraudulent clicks

Every year, click fraud costs the advertising industry billions. An increasing amount of advertising operators have to deal with the fact that their ads often don’t reach their intended targets due to artificially generated clicks through the likes of link farms or bot nets that seek to deplete advertising budgets. We take a closer look at the topic of click fraud and show you some counter...

ARP Spoofing: Attacks from the internal network

When it comes to network security, administrators focus primarily on attacks from the internet. But often times, the danger lurks in the internal network. If the LAN turns out to be a blind spot in the security IT, then internal attackers have an easy time. A popular method of attack is ARP spoofing. With this, hackers switch undetected between two communication partners in order to intercept,...

Web analytics and data privacy

Tracking tools can provide website operators with a useful indication on how to adapt an online project to suit a target group. These tools focus on user profiles, which reveal how users find the website, and which content provokes interactions. This information is based on user data, which can be subject to stringent data protection guidelines in some countries within the European Union. Find out...

What is XSS (a.k.a. Cross-site scripting?)

Have you ever heard of cross-site scripting (XSS)? This is when unauthorised users take advantage of security gaps in internet browsers and on web servers to plant malware and run it anonymously. But what lies behind these attacks and how can website operators and users protect themselves?

Sign e-mails with a digital signature

Spam e-mails may be annoying, but they’re mostly harmless. What’s more problematic is phishing – a technique whereby fraudsters try to con you by posing as trustworthy sender addresses in an attempt to get hold of sensitive data. These messages appear genuine too, because without a digital signature, it’s very easy to assume a trusted identity online. In order to protect customers and their own...

Social engineering – the security gap at ‘layer 8’

The most effective system break-ins often happen without a scene. Instead of disrupting central network devices with DDoS attacks or sneaking through onto operating systems with Trojan horse techniques, hackers increasingly try to exploit the human security gap. There are various such methods that fall within the broader category of social engineering: a technique that sees hackers gather publicly...