Security

SSL stripping – how to protect your web project

SSL stripping: Basics and protection options

Data transmission via SSL/TLS is one of the most effective means to give a web project more security. Even before packets are sent, powerful algorithms ensure the encryption of the information. If third parties capture the data on the transmission path, the true content remains hidden from them. However, it becomes problematic if attackers are active with their tools before the encryption process...

HPKP: The security feature for SSL/TLS certification

HPKP: What is behind the public-key pinning extension for HTTP

SSL/TLS certificates play an increasingly important role in the transmission of sensitive data. They guarantee that data packets reach the desired addressee without any detours. Problems only arise when internet users are deliberately redirected by invalid certificates from dubious certification bodies – a scenario that can be prevented using so-called HTTP public key pinning (HPKP).

StartTLS

StartTLS

StartTLS initiates encryption of an e-mail based on the TLS protocol. For this purpose, the server is pinged without encryption first of all, and StartTLS support is requested. The encryption method can be used when the answer is positive. StartTLS is handy, as e-mails are encrypted automatically once the method has been accepted. You don't need to contact a dedicated port, StartTLS can simply be...

Securing a server: correctly configuring Linux, etc.

The right configuration to secure your server

If you operate or rent your own server, it is your responsibility to protect it against failures and external access. You can immediately begin to set the foundation for this when configuring the server, if you have the necessary administrative rights. The correct settings can work wonders, especially with encrypted remote connections via SSH protocol, and greatly increase security.

Creating an IT disaster recovery plan

For when the going gets tough: the IT disaster recovery plan

For businesses, a reliable IT infrastructure is just as integral to day-to-day operations as competent management, productive employees, and reasonable working conditions. A server outage is able to paralyse an entire company. Adequate preparation can help prevent some of the most common errors from occurring; unforeseen risks, however, will always remain a factor. In order to be on top of your...

Windows 7: End of Life

Windows 7 end of support: What you need to do?

Even years after it was first released, Windows 7 continues to be one of the favourite operating systems worldwide. But with Microsoft announcing the end of its support for Windows 7, many PC users will need to upgrade or look for an alternative. But just because Windows 7 has reached the end of its life, doesn’t mean the software is no longer working. Windows 7 EOL means that Microsoft will no...

Comparison of the best antivirus programmes

Antivirus software: Which software is best?

Antivirus software has sadly become indispensable as new types of threats against your system emerge regularly. Viruses, worms, Trojan horses, and many other types of malware threaten to infect your system and could cause significant damage. To counteract these threats, software makers try to fight off malware attacks with intelligent antivirus programs. Find out which rank top in our antivirus...

SQL injection: Fundamentals and safeguards

SQL Injection: Protect your database system

There are daily reports on how security gaps in applications are exploited – because hardly a day goes by without a new gap being discovered or a known gap being closed. One attack method, which has always been based on exploiting such weak points, is called SQL injection. But what is actually hidden behind the malicious database exploitation and how can you protect your database system from it?

Client to Authenticator Protocol (CTAP)

CTAP: A protocol for more security & convenience on the web

Try and imagine a world where you don’t have to memorise passwords: Thanks to FIDO2, this could soon become a reality. Authentication in online shops or for online banking can be done through a fingerprint or hardware token. The latter can communicate with laptops of PCs through a USB, NFC or Bluetooth. To enable conversations between two devices, FIDO2 uses the Client to Authenticator Protocol...

Zero-day exploit

Zero-day exploit: Explanation and protection measures

The risk for businesses to fall victim to a zero-day exploit has increased in recent years. More and more often, cybercriminals can take advantage of as-yet undiscovered weak points in business software in order to steal or manipulate data. It is difficult to protect against these attacks, but businesses can take some measures to improve their security.


We’re all in this together. At IONOS we are
#hereforyou
Coronavirus is a challenge we need to face together.
We've created special offers on key products to help
your business keep going.
3 months free
Online Shop
Be where your customers are with your own online store.