How to Tell Whether the Website is Secure or Not

4

Due to the technological advancement, the world is more dependent on the internet than ever. So it is important to check the security of a website.

You can use the internet to buy cheap and everyday things like vegetables to the expensive things like jewelry. In the beginning, people were afraid to use online payment methods like the debit card, credit card, net banking etc. They were likely to go with the option of Cash on Deliver (COD) if available.

But now the time has completely changed the concept of shopping online. Most of the people use prepaid orders. So while doing transaction it is safer to check whether the data and information that you are giving to the eCommerce website are actually in safe hands.

There are several ways to check whether the website is secured or not. Here we are going to see all of those ways:

Steps to Tell Whether the Website is Secure or Not

There are two ways to check the security of a website. One is the manual way and other is to use third party tools. So let’s check out both of them:

Manual ways to determine website security

1. Check Website’s SSL Certificate

When you are surfing authority websites you can see the green padlock symbol before the URL in your browser. On Google Chrome browser, you will see a green padlock with Secure text.

This can be seen at almost all big e-commerce and casino websites. Where the security of data is necessary than ever. E-commerce and online casino sites have integrated payment gateways in their system that take confidential information for payment from the users. SSL certificate makes sure that this information don’t get intercepted other that the authorized party.

There are several popular payment gateways used by such like PayPal, PayU, Neteller, PaySafeCard etc.

SSL Green LockPad Chrome

If you see this kind of thing then you are good to go. However, if you still want to keep digging. Here are some steps you can follow to check the authenticity of the SSL certificate manually:

Note: Here we are performing SSL Certificate audit using Google Chrome. Things to look for in an SSL certificate are same but the procedure may be different for different users.

  1. Open up the website you want to check.
  2. Right-click anywhere on the page and click inspect element.
  3. Go to Security Tab. You will see something like this:Security Overview Chrome
  4. It means you are good to go with the website. If you still aren’t satisfied then click on View Certificate.SSL Certificate Information Chrome
  5. If the SSL Certificate is issued by some trustable authority and valid for the current time period then rest assured with the website you are dealing with.

2. Look at the domain

Sometimes hackers use deceptive website URLs to trap the users, get their credentials and misuse the information they get. This can be done via several techniques but we will not get into it for now.

So let’s talk about how we can be safe from this kind of attacks:

  1. Check that the URL you entered of the site is correct. For example: if you are opening facebook then make sure the URL is facebook.com not something like facbook.com.
  2. If you notice that something is off about the website then try to open the website on different device or network. In case both looks different then there might be a DNS attack.

If this was not enough. Tell us what are the other ways using the comment section at the end of the article.

3. Find Reviews of the Website using Google

If you are experimenting something on some new website, that you haven’t heard of before then continue reading. Almost every website whether it is legit or not has been reviewed by someone on the internet.

And you can find these reviews using the internet guru Google. Here is what you can search on google. (In our case we are using Amazon as the website.)

Type keyword Amazon and then search for reviews, product not delivered, fake product, never buy etc.

Amazon Negative Review

You will get plenty of results. You can compare the user reviews and you can tell whether the website is legit or not.

Tools to tell if website is safe & isn’t infected with Malware

Now coming the advanced way of testing security of the websites. This is not only helpful for user perspective but also for webmaster purpose.

And most importantly security check of CMS like WordPress, Joomla, Ghost can easily be tested using these tools:

1. Sucuri

Sucuri

Sucuri the most popular website scanner you can find on the internet right now. It can scan whether the website is affected by malware, it’s IP has been blacklisted or SPAM is injected. It quickly gives the scan result in few seconds.

Visit Sucuri

2. SSL Labs

Qualys SSL Labs Report

SSL labs will perform a complete and deep scan on the quality of SSL certificate and connection that is used by the website. It will take few minutes to test and the quality of security is graded. Here is what the report will look like:

Visit SSL Labs

3. Quttera

Quettera Website Scanner

Similar to the Sucuri website scan, Quttera will determine whether your site is affected by any kind of malware or not, suspicious files or URLs on your website and more.

4. Norton Safeweb

Norton SafeWeb

It is not much of a security scanner but it does it job right. It collects some of the data on their own and most of the review is dependent upon the user ratings and reviews of that website.

You can create a free account there and write a review of your experience with the site. It will prove helpful to the user who is looking for an honest opinion.

5. VirusTotal

VirusTotal

If you are into downloading lots of data from the internet. Then somewhere on the downloading site, you may have come across that this file is scanned and verified by VirusTotal.

What does that mean?
It means that the file is scanned online using VirusTotal and most likely to be free from any kind of malware.

Similarly, it can also scan remote URLs and give a report on its security.

Visit VirusTotal

6. SiteGuarding

SiteGuarding Malware Scanner

It will check the website for the malware, blacklisted IP, any defacement, SPAM injection and much more. It can be used to scan CMSes to test their security.

These were the best tools that you can use to scan a website. However, there are lots of other tools you can find but we think that these 6 tools have covered the most ground.

If you have any interesting thought or any doubt regarding what we did in this article, then feel free to leave it in the comment section below. We will be honored to get your feedback and will try to improve at our best.

4 COMMENTS

    • Yes, https means the data sent to website can’t be intercepted by any other party except the authorized party. Tell us the details of server and we will let you know how can you add https to your site.

LEAVE A REPLY

Please enter your comment!
Please enter your name here