Ram Sharma Cyber Alerts

FREE Migration from Magento Go to Community Edition We are now offering FREE migration from Magento GO to Community Edition when you order hosting with us. It was recently announced that Magento’s own hosted GO platform would be  closing down  on February 1 st  2015. In light of this, many people are moving over to their self hosted platform,  Magento Community Edition . Magento GO is fairly locked down, which means we’ll only be able to extract your raw product and customer details. Depending on your setup over at GO, we’ll try and bring in as many product images as possible though this isn’t guaranteed and you may need to re-upload them. As part of your setup with us, we’ll install Magento Community Edition, import your products/customers and help you switch over your domain when you are ready. All you’ll need is a hosting package with us – we recommend a minimum of  Tornado  for Community Edition as it is a very memory hungry platform, though your store may need a bigg

Security Best Practices for Migrating your Database to the Cloud What is/was your biggest hesitation in moving databases to the cloud? More and more organizations are moving applications and databases to IaaS/PaaS environments in order to enjoy the benefits of cloud computing while still preserving application flexibility and control. However, many enterprise IT departments have serious concerns about moving their more sensitive servers and data to the cloud. These concerns are the same whether they are migrating from MySQL or SQL Server, or migrating to Amazon Web Services AWS , Window Azure, Google Compute Engine, VMware VCloud, IBM Cloud (Softlayer) or any other cloud hosting service. They have good reason for concern: industry experts agree that there is no question that moving sensitive data into the hands of third-party cloud providers expands and complicates the risk landscape in which companies operate every day:  The Cloud Security Alliance states that data brea

This manual describes common security problems in web applications and how to avoid them with Rails. Secure coding checklist : Ruby on Rails  : Attack Vector/Vulnerability Solution input/output validation white-list filtering as early as possible use  safeERB ,  XSSshield , etc. use  .find(params[:id])  only with additional parameters or  @user.order.find(id) SQL injections use  bind variables  and an array for SQL queries using  .find use  sanitize_sql()  or  prepared statement  for remote SQL queries use  protect_from_forgery  (CSRF) use escape methods for Shell LDAP ... Mass Assignment use  attr_accessible don't pass user-data to  .new  or  .create take care with  redirect_to session handling use SSL use strong passwords only 6 characters numbers and letters verify with  cracklib-ruby use password  salt use  key derivation function  for further processing ( RFC 2898 ) use a random+changing  :secret  for the Cookies all controller

Securing Your Application (web) third layer of security  by basic coding practices . T his part will focus completely on the third layer of security - your application itself. So here, I will show you techniques that you can use to protect your  application  from attacks and intrusions by simple coding practices . Using a Database When communicating with a database and in order for your data to remain safe, keep the following key points in mind: Always Escape Queries To stop attackers from using  SQL Injection , you have to escape all users' input so they can't inject SQL queries into your application(for example, during a login). In pretty much all of the database drivers, for all languages, there is an option to escape user input. For example in  node-mysql  for Node.js, instead of doing your queries like this: 1 connection.query( 'SELECT * FROM users WHERE name = \'' + username + '\' AND password = \'' + password '\';&#