How to create java website secure and safe?

UPDATED: 25 December 2011

Web site developer must keep in mind before publishing site that site has enough validation to keep site secure and safe. I'll give you some tips and tricks to keep your java website safe and secure. The tips helps to prevent hacker from hacking your java website.

How hacker try to hack your site?

  • Check server loop holes. (Server vulnerable)
  • Cross the validation of site by disabling scripts. (Site vulnerable)
  • Wrong inputs

Above are the simple way the hacker try to gain access in your site. The advance hacker can hack site by cracking server.

Note: Chinese Hacker can hack Google, This tips helps but not assure that its provide full protection. 

  • Choose best server

    • - If you are planning to host your java site. Please choose best server, ensure server's security. I prefer to use
    • - Planning to set up your own server. Use best anti virus, Strong firewall, Close all loop holes.

  • Cross - Validation

    • - Validation must required for the site.
    • - Client - Server both side validation to protect site.
    • - If you created javaScript to validate email, hacker disable the javaScript and give wrong input. When request come to server check email on server side also.

  • File Upload (If allowed to users)

    • - User not allowed to upload  ( .jsp, .java, .class, .jar ).
    • - Suppose if user allow to upload .jsp file then hacker can read other .jsp page using file reader. It'll print all your .jsp page code.

  • Check each and every input with proper validation at server side.

  • Handle all errors with proper output.(Display error pages)

    •    505 - Shows database query error on webpage and shows all code of page.
    •    404 - Content not found

If you have other idea you can comment it. This will help other to secure site built in java platform.


  1. These are interesting steps for created Java website with security.

  2. This is important information about secure site in java..!