Recently, there have been several news stories about the Web sites of huge businesses being hacked and their user information compromised. When this happens to a large department store or other well-known business, it is definitely headline news. However, 80 percent of attacks on Web sites target very small businesses.
Allowing Comments Engages Visitors
Allowing visitors to comment on your Web site can be a valuable marketing tool and can draw new visitors to the site as well. Commenting or uploading content to a favorite site gives visitors a feeling of belonging and community and will keep them returning time after time to check for updates, news and add new commentary. However, it can leave your site, and your visitors, vulnerable to attack.
Common Attack Method
Is My Site Vulnerable?
Prevention is Best
The first step is to know who is commenting on the site by requiring visitors to create an account before being allowed to add content. The easiest way to prevent attacks is to not allow visitors to post HTML code when commenting. There are inexpensive programs that will strip any HTML code or other markup language from user content. However, some Web site owners would like to allow visitors to be able to include HTML code in their comments for a variety of reasons. The Web site developer can include code that will disable user uploaded HTML code until it has been reviewed and cleared by the administrator. Make certain all computers associated with the site have all software updates in place. Invest in inexpensive, real-time scanning tools that will scan user content and check for suspicious code and spam.
Taking these simple measures to protect private data will go a long way toward building customer confidence and cyber-reputation of your Web site.