To make the web a secure place to work, various tools are being designed everyday. There are different types of firewalls, anti-root kits, anti-virus, anti-spam tools available in the market. One can make judicious use of all of them as per his/her needs and network infrastructure. Besides these tools there are other methodologies also which should be considered while securing the web pages online. For example:

• Disabling the Guest account: Most of the Windows servers have a guest account by default. This account gives the users limited access to the server’s resources but as it does not asks for password anyone can log into the server and try to infiltrate the data somehow.

• Don’t forget to rename the Administrator’s Account: By default the Windows server assigns ‘administrator’ as the user name for the administrator account which has all the powers and access to all the resources. If you don’t rename this account then half the work has been already done for the hacker. Now he has to guess only the password.

• Take your passwords to the heights of complexity and ambiguity: The passwords should always be very, very complex. You can set a strong password policy for your servers to avoid successful password guess by the hacker.

• Disable the unwanted protocols: Not all the protocols running in the background are needed all the time. Thus it is recommended that all the unwanted protocols must be disabled as these protocols open up different communication ports on the network. For example if the Telnet protocol is enabled unnecessary then the hacker may get successful in establishing a remote connection with your server.

• Use SSL: SSL (Secured socket Layer) is a protocol which is developed to promote web security. It allows the use of a large number of encryption methods.

• Use SHTTP: SHTTP is a short for Secure Hyper Text Transfer Protocol. It is an extension of the standard HTTP protocol and is different from the SSL but is used for the same purpose; to deliver secured web pages.

• Use Certificates: Certificates can be used in order to ensure leak proof transactions over the web. It features user authentication. They are digitally signed electronic documents which verify the connection between a server’s encryption scheme and the server’s identification. All the digital signatures, cryptographic functions and trust policies are defined while issuing the certificates and they are issued by the third parties known as Certificate Authorities. In order to get a certificate for a web site one has to get registered with this authority. The digital certificate which is then issued is unique.