StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Web Application Optimisation - Essay Example

Cite this document
Summary
The paper "Web Application Optimisation" states that the hosts of web accounts have no direct relationship with an optimization that is about to be performed (Cross, 2007). The hosting account is a foundation for website accessibility, prices, and security…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER93% of users find it useful
Web Application Optimisation
Read Text Preview

Extract of sample "Web Application Optimisation"

Web Application Development By + Reflection From the guest speakers talk we can reflect that awebsite is only successful if it can sell its aims and goals. When a website is built e.g. a politics website, blogger, or a market website there is a certain goal that it puts to the market so that buyers and users can read or purchase. Making a website “sell” is not a simple thing and their certain strategies that need to be in place to make it successful. The first thing that a web designer needs to consider is a means of getting people to their website, which is mostly referred to as Acquisition. The next step after acquiring people to the page is a means of converting and keeping them for long time as customers in order to get value from them. After the website has captured their real customers, it should now come up with a means of retaining them in the website by making them come back even with visitors. There should be potential in doing all these to ensure the website is successful (Read, 2001). Secure Web Development Web applications and websites in the recent world come to be the most popular tool that businesses and organizations like to connect with their customers, users, and prospects (Welling and Thomson, 2008). Attacks can occur in these web applications due certain security flaws. These attacks can harm the business by exposing sensitive information of the customers and the business, steal customer’s information and finally ruin the business reputation. Recent studies conducted showed that over 70% of all web applications are vulnerable to security flaws. Most of security flaws occur in the PHP coding (Standing, 2000). Attacks that may occur in web applications include Remote code execution, SQL injection, Format string vulnerabilities, Cross Site Scripting, and Username enumeration. These attacks occur due to somewhat poor programming approach. It is therefore important for web developers and designers to have knowledge on these attacks. These attacks results from factors discussed below. Remote Code Execution is where any desired information is retrieved from the web application. This is done when the attacker runs system code on the vulnerable server. The attacker access information and may go undiscovered by the web administrators (Weber, 2004). The attacker may also include any arbitrary files on the web application. An example of such attack is carried when an attack executes such an exploit code. SQL Injection is considered an old approach in web application security but it is still popular with the attackers. Here the attacker retrieves crucial and sensitive information from the Web application database. The degree of this attack varies from disclosing basic information to remote code execution (Polleres, 2011). Format String Vulnerabilities results when there is use of unfiltered user input. The user may use certain tokens to print data from the memory and data stalk of a web application. Cross Site Scripting is a malicious attack to the web application where the attacker uses malicious URL, which appears legitimate to execute plans as if logging in (Clark, 2003). This attack will lead to the attacker stealing victim’s cookies and use them in his session. Username enumeration is a type of attack where the attacks get to know whether the supplied username is correct or incorrect. The network and infrastructure components of the should be designed that you understand the security requirements of the network in terms of port restrictions, filtering rules, supported protocols etc. Find how the firewall and firewall policies can affect the web applications and its deployment. Since there are many firewalls in the web applications, it should also come to notification of addition firewalls that are in front of the database. At the design stage of the web application, reflect on what ports, protocols and services that should be allowed to access information from the webservers in the web application (Cross, 2007). There should be keenness on what security defences that the web application relies on to provide the network. Input validation is one of the steps that ensure that there is defence against possible web attacks. Although it is challenging an effective countermeasure can help prevent attack like SQL injection, XXS, and other input attacks (Hourieh and Chan, 2009). In web application, there is no validation that certain inputs are true, thus so all inputs should be considered malicious. The web application should consider validation of input its core element by using filters and other validation from other libraries. Authentication is another means of ensuring security in web application. This is done through the process of determining the identity of the caller. Passwords and usernames are used to authenticate the user. They are required to send their Passwords and usernames in HTML form (Welling and Thomson, 2008). In order to ensure authentication of user’s data and information, the following practices needs to be involved. Web applications should require strong passwords, protection of authentication cookies, supporting password expiration period, not storing passwords in user stores and separating public areas from restricted ones to eliminate security attack. Authorization is another means of ensuring security in web applications. It determines which information and data can be accessed by authenticated identity. Weak and improper authorization leads to leakage and disclosure of information. The authenticated user can tamper with the information. Therefore, defence in depth is the key principle in ensuring security in web application. Authorization can be improved by various practices like ensuring there are multiple gatekeepers on the server by using IP Security Protocol policies and restrict server-to-server communications (Standing, 2000). Another practice can be through restricting access to System Level Resources by user. This will help restrict which user can access, carry out operation on certain resources of the web application. The web designer should also ensure there are varying degree of scalability and granularity. Granularity relies on user impersonation. Configuration management is another step in addressing web security attack. Web application needs interfaces that allow operators, content developers, and administrators who will configure and manage user accounts, profiles, data pages and the Web page (Weber, 2004). This should be effective because most attacks are directed to the administrator thus changing its privileges. Sensitive data like addresses, credit card numbers, medical records, and others should be considered private and the web application should ensure they are not altered (Jortberg, 2007). Some business have secrets that are stored in web pages should be secured. Caution like the one not storing password in plain text, storing secrets in web page and it can be avoided should be taken. Cryptography is another means where web application use Cryptography to secure their data in persistent store or transmitted across other networks (Welling and Thomson, 2008). This method ensures authentication, privacy, tamperproof, and non-repudiation. Parameter manipulation helps in web application security. It ensures there is no modification of data sent from users to web application. It can be done through encrypting sensitive cookies, validation of all values from clients and ensure users do not by pass checks (Klopotek, Trojanowski and Wierzchon, 2006). Exception management that helps prevent denial of application-level and prevent useful information to be returned to clients from attackers. Logging solutions and centralized exception management should be designed to help monitor system administrations (Weber, 2004). The final step is setting up auditing and logging activities in the entire web application. This will help detect suspicious-looking activities and provide an early indication of attack. Auditing will help save files that will be required in legal proceedings to prove wrongdoing and attack in web application (Paltridge, 2009). Web Application Optimisation Web Application Optimisation is a vital part in web application development and maintenance. Optimization of website helps in speeding up of the site. In the internet world well performing web application, enjoy the advantage of high visitor engagement, retention and conversion (Henderson, 2008). It is therefore necessary to improve the performance of the websites through optimization. Website optimization has been seen to be effective. An example is Google Company when they released the Google Maps product. Initially the page size was 100kb but after optimization, they reduced it to 80kb. By doing so, they found out that there was 25% increase in the visitors. Amazon company had a different finding, they reported that their sales decreased by as more as 1% when the load time of their page increased by even 100ms. It is therefore important for monitoring the performance of a web application (Standing, 2000). This pressure has forced web developers to come up with certain strategies to help increase performance of Web application (Clark, 2003). These techniques are referred to Web Application Optimisation and are explained in detailed below. The first technique is through minimizing of HTTP requests. This is done through minimizing the number of rounds and trips that the browser is to make in order to join with the server. All the files including JavaScript, CSS, or images need to be downloaded to the browser first. Through minimizing of this request, the performance of the page will be improved significantly (Welling and Thomson, 2008). Introducing of files to the website should take the new format which is to increase the performance of the web application. Another approach to ensure good performance is through minifying of CSS, HTML and Java Script. Unnecessary characters can be omitted from the codes without affecting the codes performance. By removing this code, the size of the code is being reduced therefore reducing the amount of data that need to be downloaded to the browser (Weber, 2004). There are certain tools like YUI compressor. That can be used to minify these codes and increase the performance of the web application. Optimizing of images is another approach towards better performance of the web application. This is the most items that browser needs to download and they require many data. They cause slow in operation of web applications most of the time. One can use CSS to come up with graphics for items like buttons rather than using images that will slow the performance of the website. Images that cannot be transformed to graphics can be compressed them properly without losing their quality or look (Jortberg, 2007). This will result to beautiful optimized images for the web application. Use of Sprites is another technique in ensuring increased performance. For a website to open it needs to download every component like images in it. This can be minimized by combining the images into a single image to reduce queue when the browser tries to download the images (Welling and Thomson, 2008). Combining the images into a single will reduce the number of request the browser makes. Caching is another technique in ensuring web optimization. Web browsers allow caching of web pages, images, CSS, java files, and other cookies. Through caching, all this are stored and ill reduce the amount of data required to download thus improve the performance (Paltridge, 2009). This method is used on items that do not change. An expiry date is set for items that will change. Deferring parsing of JavaScript is another approach to good performance of the website. The browser needs to download all of its JavaScript files so that the website page can be shown. In order to reduce the amount of data needed to download this files they should not be loaded at the header of the HTML document rather be loaded at the bottom(Sorensen, 2008). This will speed up and the page will be shown even before the JavaScript file is fully downloaded The next technique can be through choosing a decent Web Host. The hosts of web accounts has no any direct relationship with optimization that is about to be performed (Cross, 2007). The host account is a foundation to the website accessibility, prices and security. There server should ensure he is in the safe host. Avoid dead end or bad requests is another approach. This are links in the website that result to bad request. They mostly result to in a 404/410 error (Polleres, 2011). These are inevitable in a website due changes, updates and movement of information and they should be fixed as soon as possible. They do not lead to ate of data but is considered a waste because the browser had to initiate the request at first. The next approach in ensuring good performance of website is called Content Delivery Network. Once every technique is amended are properly acted upon. The web developer should ensure that there are other copies of the website at various servers and located at different part of the world (Welling and Thomson, 2008). This will reduce the time that a user request to the time that server responds thereby increasing performance of the website. Bibliography References Clark, M. (2003). Data networks, IP, and the Internet. Chichester, West Sussex, England: J. Wiley. Cross, M. (2007). Developers guide to web application security. Rockland, MA: Syngress Pub. Henderson, H. (2008). The Internet. San Diego, Calif.: Lucent Books. Hourieh, A. and Chan, P. (2009). Django 1.0 web site development. Birmingham, U.K.: Packt Pub. Jortberg, C. (2007). The Internet. Edina, Minn.: Abdo & Daughters. Klopotek, M., Trojanowski, K. and Wierzchon, S. (2006). Intelligent Information Processing and Web Mining. Berlin Heidelberg: Springer-Verlag. Paltridge, S. (2009). Internet access for development. [Paris]: OECD. Polleres, A. (2011). Reasoning web. Heidelberg: Springer. Read, B. (2001). Advances in databases. Berlin: Springer. Sorensen, R. (2008). Inside Microsoft Windows NT Internet development. Redmond, Wash.: Microsoft Press. Standing, C. (2000). Internet commerce development. Boston: Artech House. Weber, S. (2004). The Internet. Philadelphia: Chelsea House Publishers. Welling, L. and Thomson, L. (2008). PHP and MySQL Web development. Upper Saddle River, NJ: Addison-Wesley. Read More
Tags
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Advanced Internet Development Essay Example | Topics and Well Written Essays - 2000 words”, n.d.)
Advanced Internet Development Essay Example | Topics and Well Written Essays - 2000 words. Retrieved from https://studentshare.org/information-technology/1691084-advanced-internet-development
(Advanced Internet Development Essay Example | Topics and Well Written Essays - 2000 Words)
Advanced Internet Development Essay Example | Topics and Well Written Essays - 2000 Words. https://studentshare.org/information-technology/1691084-advanced-internet-development.
“Advanced Internet Development Essay Example | Topics and Well Written Essays - 2000 Words”, n.d. https://studentshare.org/information-technology/1691084-advanced-internet-development.
  • Cited: 0 times

CHECK THESE SAMPLES OF Web Application Optimisation

Team Progress Report Assignment

Verizon on its part uses advanced technology in communicating to its staff members… This has been made possible through the application of mobile capabilities as well as communications and collaboration, ranging all the way from the leaders in the company to the low level employees.... This has been made possible through the application of mobile capabilities as well as communications and collaboration, ranging all the way from the leaders in the company to the low level employees....
1 Pages (250 words) Admission/Application Essay

Discussion Post

(Cenage Learning, Building an Argument With web Research) I believe that there is no argumentative topic that will not be fit for the academia because people always find something to disagree about.... web.... “Building an Argument With web Research”.... web....
1 Pages (250 words) Admission/Application Essay

One-Million-Dollar

The recent buyout of WhatsApp by Facebook amounted for a total of $19 billion and that is a point of realization that one million… This writing will focus on how I plan to spend or use an amount of dollar one million and the rational reasons behind the way I use them. Having Admission application One Million Dollar Plan Introduction An amount of one million dollar may at first seem to be a huge amount and people may believe that one can send their entire life with this amount....
2 Pages (500 words) Admission/Application Essay

Interview a CEO

It is an ever more expanding chain of superstores.... Utilizing pure and quality production of easily affordable food for all; its… It has a diverse menu of food from salads to delicacies; all made under careful supervision and modern techniques by professional taking necessary THE MORRISON'S Bradford, West Yorkshire....
1 Pages (250 words) Admission/Application Essay

How Will We Love

Actually, in ordinary lives of generations this thesis is reflected in the fact that grandparents can celebrate their 50th, 60th or even 70th anniversary of marriage… To start with, older people in terms of previous cultural framework had more commitment in their romance than younger people....
1 Pages (250 words) Admission/Application Essay

What Does the Russian Meteorite Tell Us About Surveillance Culture

web.... web.... Many people are adopting the emerging technologies, especially in surveillance.... People are keeping a record of their lives and interesting events.... Surveillance has become an important part of human life.... Mounted cameras record… People mount the cameras mostly on vehicles, bicycles and homes....
2 Pages (500 words) Admission/Application Essay

Masters degree in business administration

I matured as a person and learned the value of The paper "Masters Degree in Business Administration" is a great example of an application/admission essay on business.... I come from a middle class family.... My father was an accountant for the ministry of labor and my mother was a school teacher....
2 Pages (500 words) Admission/Application Essay
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us