1
00:00:02,120 --> 00:00:03,870
Earlier in this course,

2
00:00:03,870 --> 00:00:06,740
we talked about user authentication

3
00:00:06,740 --> 00:00:11,410
and making sure that users can log in, sign up and so on.

4
00:00:11,410 --> 00:00:13,410
In this course section,

5
00:00:13,410 --> 00:00:16,960
we're now going to dive into website security,

6
00:00:16,960 --> 00:00:20,220
which might sound very related.

7
00:00:20,220 --> 00:00:22,610
And indeed, there are courses

8
00:00:22,610 --> 00:00:26,120
where the concept of securing your website

9
00:00:26,120 --> 00:00:30,370
is mixed with the concept of adding user authentication.

10
00:00:30,370 --> 00:00:33,960
But actually, as you will learn in this course section,

11
00:00:33,960 --> 00:00:36,550
these are totally different things.

12
00:00:36,550 --> 00:00:38,670
You have to secure your website

13
00:00:38,670 --> 00:00:41,810
no matter if you have user authentication or not,

14
00:00:41,810 --> 00:00:44,000
and user authentication itself,

15
00:00:44,000 --> 00:00:46,560
if you add that feature to your website,

16
00:00:46,560 --> 00:00:49,590
is not a mechanism for securing your website,

17
00:00:49,590 --> 00:00:53,090
as you will see, but we'll get there step by step.

18
00:00:53,090 --> 00:00:54,480
In this course section,

19
00:00:54,480 --> 00:00:57,610
we are going to start by first exploring the difference

20
00:00:57,610 --> 00:01:01,200
between website security and authentication

21
00:01:01,200 --> 00:01:03,320
that's being added to a website

22
00:01:03,320 --> 00:01:06,460
before we then dive into some very common

23
00:01:06,460 --> 00:01:08,900
and dangerous attack patterns

24
00:01:08,900 --> 00:01:11,460
to which your page might be vulnerable.

25
00:01:11,460 --> 00:01:15,790
Specifically, we are going to dive into CSRF attacks,

26
00:01:15,790 --> 00:01:19,410
XSS attacks and SQL injection attacks.

27
00:01:19,410 --> 00:01:23,200
And I'll explain what these attacks are, how they work,

28
00:01:23,200 --> 00:01:25,810
I will show you how to run these attacks,

29
00:01:25,810 --> 00:01:27,960
and of course, most importantly,

30
00:01:27,960 --> 00:01:29,740
I'm then also going to show you

31
00:01:29,740 --> 00:01:31,800
how to defend against these attacks

32
00:01:31,800 --> 00:01:35,600
and how to make sure that your page is not vulnerable

33
00:01:35,600 --> 00:01:37,690
against these attacks.

34
00:01:37,690 --> 00:01:41,770
Last but not least, and definitely related to these attacks,

35
00:01:41,770 --> 00:01:44,760
we are going to talk about the importance of escaping

36
00:01:44,760 --> 00:01:46,820
and sanitizing user input,

37
00:01:46,820 --> 00:01:49,160
and you will learn what exactly that is

38
00:01:49,160 --> 00:01:52,580
and how third-party libraries can help you with that.

39
00:01:52,580 --> 00:01:55,420
So there's plenty of extremely important content

40
00:01:55,420 --> 00:01:56,720
in this course section.

41
00:01:56,720 --> 00:02:01,240
And hence, this is absolutely a section you should not skip,

42
00:02:01,240 --> 00:02:04,490
but instead, this section contains information

43
00:02:04,490 --> 00:02:08,600
that every web developer must know and understand.

44
00:02:08,600 --> 00:02:09,713
So let's dive in.

