Protecting your web site won't take a gun. Web sites get compromised in all sorts of ways. Some are at the server level but most are at the web site level where you as the web master can take steps to protect yourself. Let's talk about a few of the security issues facing the web master:
Virus Threats and DOS
The most recent spate of viruses included one that attacked servers running a particular type of Windows operating system. The bug caused a pop up window running malicious code to infect every visitor's computer. While the patch was soon in coming, it was a disaster for anyone caught by this virus. As a result of this, many people have temporarily switched off javascript capabilities in their browsers as a security measure.
Denial of Service attacks are where so many requests for information arrive at the server at the same from so many different computers time that the server is overwhelmed. These types of attacks on a server take experts to resolve. Meanwhile, your web site is unavailable during that time.
Talk with your web hosting service and see whether they have firewalls, up-to-date server software, and a means of fending off denial-of-service attacks. These things are beyond your personal scope of remedy except as an informed customer. If you don't like the answers, move your web site to a better equipped hosting service.
Copyright Issues
Many beginning web masters worry about copyright issues. Copyright issues are the least of the problems. First, use original work if possible. Don't use other people's artwork or print material on your web site without permission. Permission is usually given if you simply ask.
Next, If you are worried about somebody stealing your original work by downloading a file, then don't put that work on-line. The whole point of the web is easy communication and spread of information. I would suggest you put a basic copyright notice on your site and forget about that issue, unless of course you are an artist. Artists use various means of tagging their images to prevent abuse.
For most web sites, invite people to use your graphics or reprint your materials in exchange for a link on their site. It will improve your web site traffic and get more people aware of your organization. Make the fact that people will borrow your work a plus, not a minus. The only time this becomes a real problem is if the borrower copies the whole site and tries to pass it off as their own (in which case get a lawyer.)
Don't put sensitive information on your web site or store it there either. You'll find that search engines index every page over time and you don't need a secret memo popping up in Google. Password protecting sensitive information seldom works either. It's an invitation to hackers.
Frame Traps
One reason a lot of web masters don't like frames is that their material can get utilized by other web sites and passed off as the other person's work. Some major web places like About.Com uses frames for offsite links but they include a "close frame" button. Less experienced webframers may not do this.
You can avoid getting trapped in someone else's frames. There are simple ways to code in frame-breakers. Of course if you are using frames yourself, the techniques won't work.
- Use target attributes for links.
- Target attributes tell the visitor's browser where to display the page. The target="_top" when used in internal page links will generally break a visitor out of a framed web site because the browser puts the page in a full window on "top"
- Use a javascript to break out of frames.
- There is a simple java script with directions at:http://www.jokes2000.com/html/escapeframes/
- Validate your code.
- Clean code is less subject to faulty displays and leaves less "hooks" for new threats to attach themselves to your page without your knowledge.