Yahoo Answers is shutting down on May 4th, 2021 (Eastern Time) and beginning April 20th, 2021 (Eastern Time) the Yahoo Answers website will be in read-only mode. There will be no changes to other Yahoo properties or services, or your Yahoo account. You can find more information about the Yahoo Answers shutdown and how to download your data on this help page.

Trending News

Promoted
?
? asked in Computers & InternetProgramming & Design · 2 years ago

How do I prevent my website from being hacked?

Hello,

I am a beginning web programmer (HTML and CSS). I am curious as to how websites get hacked. Is there anything I need to be aware of as a beginner?

For example, let's say that I create a simple one-page website using HTML and CSS, and I host it on Bluehost by uploading the html and css files to their server. Is my website at risk from hackers just at this point?

I want to learn to program, and build simple websites for regular people and small businesses, but I'm worried about hackers. I know that I shouldn't share passwords or use them over wifi, but outside of making sure things are coded properly, what do I need to concern myself with?

Thank you.

2 Answers

Relevance
  • Anonymous
    2 years ago
    Favorite Answer

    HTML and CSS alone are not vulnerable to attacks since there's not data being submitted to your server.

    As soon as you bring in a server side language, a database, and user information, you have to concern yourself more with security. Common ones that should be on your mind, if you get this far, include CSRF attacks, Session hijacking, SQL injection, XSS attacks.. Additionally, making passwords securely hashed is extremely important, never store them as plain text in a database. However, a lot of these attacks are easily preventable through their own ways. The problem is that novices leave easy-to-secure doors open to hackers. Thus, they're the primary targets of hackers. If you're dumb enough to allow SQL injection on a production server, you deserve to be hacked.

    However, HTML and CSS are static files and can only really be downloaded. They have no interactive features, and thus have no real security features. Even if they did, you wouldn't have any user data being vulnerable, so the risk is minimal. So if you're planning on sticking with just those, you don't have much to worry about.

    The only vulnerabilities you could possibly have are at the server level... Like if you allowed SSH, FTP, or any other direct access to your server. In that case, a hacker could go on a rampage with your files and/or account.

  • Bill-M
    Lv 7
    2 years ago

    Your Host has measures in place to prevent hacking.

    I have a web page also and I don't have any thing special in the HTML/CSS.

    I leave that up to my host.

Still have questions? Get your answers by asking now.