Today with increasing use of internet and increasing number of online users, web portal security has become one of the major concern.As long as security of online users is concerned there are many points to keep in mind and there are many levels of security to be maintained.One such step is use of SSL which is a protocol used to provide security over the Internet by encrypting the sensitive information sent over the internet from client to server or vice versa.This is a basic and first security measure to be adopted. However using only SSL doesnt guarantee the security of the whole system. As there are number of different attacks thus there are arenumber of security measures. The different attacks include SQL Injection, Cross Site Scripting (XSS), DOS or DDOS attacks,. Cross Site request forgery etc.Thus there are various steps to security-centric computer programming necessary to build low-risk web-based applications. Few security tips are1. Secure password storageNever store plain passwords in the database, this is the worst method to store passwords because anyone having access to database can see the passwords. Store encrypted passwords instead.Its is a good approach to encrypt a password by some encryption (hashing) algorithm like SHA or md5 (SHA and MD5 are hashing algorithms which cannot be decrypted) and store encrypted passwords in the database. This way even if a hacker hacks into thedatabase and steals passwords he/she wont be able login because the passwords are encrypted used directly to log into the system.2. Query filtering or Query parametrisationNever use user input data without filtering it. A web form comments box, data field or another area of a form that allows free data entry, especially open string input, can lead to variousattacks like SQL Injection and Cross Site Scripting (XSS). The user input must be filtered to stop hackers from entering some malicious SQL code and malicious scripts. This malicious SQL codecan be interpreted as part of sql command by the database and which can lead to information leaking. Validating user input is called Query Parametrisation.In addition of all these security measures its also recommended to test website security by using some website security tools also known as penetration testing tools like Netsparke, openVAS etc.As fas as clients like Steve Davis are concerned they also have some responsibility as well and they also need to take some security measures to be safe on the internet. Here are few tips forclients1. Always use upto date anti-virus and anti-malware software on their laptops.2. Never use pirated or untrusted softwares.3. Never click on unknown links or links sent via email from unknown users.3. Keep your laptops password protected.4. Do not use simple or easy passwords.5. Always check for correct url (Web Address like facebook.com etc) in the address bar of browser before entering login credentials.