Boosting Web App Security with Email Service

Running head: BOOSTING WEB APP SECURITY WITH EMAIL SERVICE 1
Name
Institution
Date of submission
Abstract
This project reviews how email service is used as a security feature in modern web
applications. The connectivity offered by the World Wide Web has led websites to store a
large amount of personal data online, which makes them vulnerable to attack because data
stored online can be reached by the public. The email confirmation feature helps prevent
bots from registering accounts and helping hackers manipulate private information,
especially for businesses that operate online. Most websites have private logins for access
to products and services, but the administrator cannot tell whether all the users are
genuine customers or beneficiaries of the platform. Email confirmation helps platforms
that do business online to know who they are dealing with and that the details supplied
belong to that person. Many online money transfer platforms require verification of details
before they allow the user to continue using their services. This report reviews the email
confirmation service and how it has been used to strengthen credential security on most
online business platforms. It includes a practical code solution, following software
development standards, that shows how the email verification feature can protect user
login by confirming credentials. It then goes into more depth on how security features
should be upgraded and used to protect data while it is stored and used. The report shows
why it is very important for some websites to use email or phone verification to confirm
credentials before allowing the user to continue with their services. Finally, it presents
the threats that this approach faces and the continuous evolution of risks and of the means
to combat them.
Contents
Introduction
Objectives
Methodology
Planning
Expected outcomes
Conclusion
Introduction
The advent of the internet in the 1990s changed the way we look at communication.
Connectivity was taken one step further by the introduction of web platforms such as
social networks and other interactive features that kept people connected on the go at all
times. As a result, the World Wide Web became the point of access for people across the
globe. It also became the centre for all the information, personal and official, that a
person may get access to. Ease of use and easy availability led a large number of people to
use the web and publish their businesses online. While anyone can get access to the
internet, some people have taken advantage of this opportunity to interfere with other
networks online, either by tapping their information or by hacking passcodes and
interfering with online businesses such as e-commerce stores. Hosting of web applications
has grown widely, and so has the number of people focused on bypassing login security
credentials. Implementing a login strategy to prevent cybercrime is one of the most
important things to consider when giving the public access to an online site. It has been
discovered that most companies are using web services to improve service delivery to
their customers. Email and phone verification come in handy in every task that deals with
credentials, whether it is sending or receiving money online or getting access to an online
business platform such as an e-commerce site. Cybercrime is a new form of hacking that
came to take advantage of online businesses like e-commerce stores.
Many people now store their bank data, passwords, official information and other vital
data online or in the various clouds available to them, but these types of storage have
often been compromised. While they are easy to use, they are just as easy for unethical
hackers to spy on.
Objectives
The sign-up page of a web application can easily be modified to include the email
confirmation feature. Email confirmation helps users confirm their credentials. It also
helps users recover forgotten passwords: the user clicks the forgot-password link and a
password is sent to their email. The email verification feature can also connect you to
services from online business platforms such as Skrill, PayPal, Payoneer, etc. These, among
other major purposes of the feature, are vital in securing an account with a public user
before offering services. The most important case is when several sessions are running on
different devices. When the user logs in on one device and another device logs in from a
different IP, the web application uses the email to confirm that the login is secure and
that the same person is using the website. A token code is sent to the email, and the user
pastes it into the login confirmation page; the user proceeds if the codes match. If they
do not match, the user is not allowed to proceed. This security feature has done well in
ensuring the security of web applications.
Methodology
One way to build this function is to add confirmation at the point where the user
registers to use back-end services in a web application. A member account is created on
the registration page. The usual method, WebSecurity.CreateUserAndAccount, is called, but
true must be passed for the requireConfirmationToken parameter. This automatically creates
the member account and produces a verification token that is sent to the email address
used during registration. The token can take different formats with a specific value, e.g.
http://votema.herokuapp.com/site/confirm?token=HgaBVPdJe3wMgjJiRiDJXM8k2EJKrZq0
which I have used to verify a registration process in my simulation app. This token
uniquely identifies the account being registered. After the link is clicked, it sends the
user to the web application, which displays the message "email confirmed successfully"
(Pope, 2011). The membership account field IsConfirmed in the database is updated to true
and the user can log in. If the user logs in from a new device, a token code is still sent
to the registered email, and the user has to paste the code into the login verification
page to access the web application. On the confirmation page, the token is extracted and
passed to the WebSecurity.ConfirmAccount method. If the token matches the one sent in the
email, the IsConfirmed field for this device in the database becomes true. The user can
then log in.
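The confirmation-token flow described above, as an added example in plain PHP (the language of the appendix). It is not the report's own code or the ASP.NET API, and the ConfirmationStore class, its in-memory arrays and the example.test host are assumptions. It adds what the description leaves open: the token comes from a CSPRNG, only its digest is stored, and it expires and works once.

```php
<?php
declare(strict_types=1);

// Added example. The arrays stand in for the membership table; the class,
// its methods and the example.test host are hypothetical.
final class ConfirmationStore
{
    private array $pending = [];     // sha256(token) => ['user' => ..., 'expires' => ...]
    private array $confirmed = [];   // user => bool, the IsConfirmed field

    public function issue(string $user, int $ttl = 3600, ?int $now = null): string
    {
        $now ??= time();
        $token = bin2hex(random_bytes(32));    // 256 bits from the OS CSPRNG
        // Persist only a digest, so a leaked table cannot be replayed as links.
        $this->pending[hash('sha256', $token)] = ['user' => $user, 'expires' => $now + $ttl];
        $this->confirmed[$user] ??= false;
        return $token;                          // the raw token exists only in the email
    }

    public function confirm(string $token, ?int $now = null): bool
    {
        $now ??= time();
        $digest = hash('sha256', $token);       // look up by digest, never by raw token
        $row = $this->pending[$digest] ?? null;
        unset($this->pending[$digest]);         // single use, even if it turns out expired
        if ($row === null || $now > $row['expires']) {
            return false;
        }
        $this->confirmed[$row['user']] = true;
        return true;
    }

    public function isConfirmed(string $user): bool
    {
        return $this->confirmed[$user] ?? false;
    }
}

function expect(bool $cond, string $what): void
{
    if (!$cond) {
        throw new RuntimeException("unexpected: $what");
    }
    echo "ok: $what\n";
}

$store = new ConfirmationStore();
$t0 = 1700000000;                               // constructed clock value
$link = 'https://example.test/site/confirm?token=' . $store->issue('alice@example.test', 3600, $t0);
parse_str((string) parse_url($link, PHP_URL_QUERY), $query);   // what the confirm page does
expect(!$store->confirm($query['token'] . 'x', $t0 + 60), 'altered token rejected');
expect($store->confirm($query['token'], $t0 + 60), 'valid token confirms the account');
expect($store->isConfirmed('alice@example.test'), 'IsConfirmed is now true');
expect(!$store->confirm($query['token'], $t0 + 120), 'replayed token rejected');
$late = $store->issue('bob@example.test', 3600, $t0);
expect(!$store->confirm($late, $t0 + 3601), 'expired token rejected');
expect(!$store->isConfirmed('bob@example.test'), 'expired token leaves IsConfirmed false');
```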
Planning
While there has been a rise in cybercrime, there has also been an increase in the measures
taken to make web applications more secure. It is fair to say that web applications these
days have come a long way from what they were when they were first introduced to the
market. Companies that use web applications and application developer organizations are
always on the lookout for the new threats that continuously linger on the internet. While
there has been considerable development of systems that provide online security, such
processes and systems need to be developed constantly (Pope, 2011). This is because, while
the security systems are developing, there is a massive network of unethical hackers
waiting to create the means to hack the new systems. Organizations are following, and
should continue to follow, the Kaizen methods to keep improving the systems. While access
to a web application may look safe, it is never so at any given point in time (Pope,
2011). This is because the web application may have closed all the earlier points of
access but still contains several loopholes that hackers are using to gain access to
personal data.
Expected outcomes
This is a two-step process that brings many benefits for web application developers who
decide to use it. One positive outcome is that it is the best way of identifying the user
who is registering, to make sure that it is not a programmed bot. It also ensures that
those who register are real people who are serious about the registration, since they have
an extra task to complete to verify it (Mailpoet, 2017). It brings consistency to
registration as well, in that there would be no multiple identities and the username would
have to be the user's real name. What can be expected from monitoring possible threats in
the future is the development of new web applications that are more secure than earlier
ones and ready for future threats. The software engineers and organizations that create
web applications and develop platforms need to search constantly for the loopholes that
hackers might use. Such a task needs a considerable amount of foresight before it can be
carried out (Mailpoet, 2017). A level of preparedness that takes in what might happen and
what tools might be used is the key to creating more secure solutions for future use,
since email verification might itself be compromised at some point as every side of the
game gets better. The developers and the ethical hackers both are advancing. Taken
together, the email confirmation feature keeps out fake emails, lets those who mistype
their email correct it, and encourages loyal subscribers to the web application (Mailpoet,
2017).
Conclusion
This final project met all its objectives. For a period of time, I have designed the
application system and implemented it to meet its objectives. I have debugged it and
prepared this written report to talk about the importance of this feature in today's
choice of website applications. Most of the common web applications that are powered by
Google use this feature, and it has kept their systems secure to date. Object-oriented
programming has also been used in this feature because it requires abstraction of data,
easy extensibility and reusability of code, and modification of code to perform certain
procedures. The use of all these functions was enough to accomplish the most important
part of this feature, which is confirming the email being used and whether the account is
valid for the user. The future concern for this feature is whether it will still be able to
legitimize online accounts and help web application administrators know whether the users
are valid and are seeking access to services in good faith and for no other negative
purpose. This feature enables the web application to detect and prevent bot registrations
and also to inform the administrator of registration mischief by certain users.
References
Mailpoet. (2017). Why you should use signup confirmation (Double Opt-in) - MailPoet 2
Knowledge Base. Docs.mailpoet.com. Retrieved 5 December 2017, from
http://docs.mailpoet.com/article/24-enforce-email-confirmation
Piller, M. (2017). Feature 84: Customizable messages for email address confirmation
(upon user registration) | Backend as a Service Platform. Backendless.com.
Retrieved 5 December 2017, from
https://backendless.com/feature-84-customizable-email-address-confirmation-message/
Pope, M. (2011). Using the confirmation feature for ASP.NET Web Pages security -
mike's web log. Mikepope.com. Retrieved 5 December 2017, from
http://mikepope.com/blog/DisplayBlog.aspx?permalink=2267
Appendix 1
Source Code:
Layout of the application:
<?php
/* @var $this \yii\web\View */
/* @var $content string */
use app\widgets\Alert;
use yii\helpers\Html;
use yii\bootstrap\Nav;
use yii\bootstrap\NavBar;
use yii\widgets\Breadcrumbs;
use app\assets\AppAsset;

AppAsset::register($this);
?>
<?php $this->beginPage() ?>
<!DOCTYPE html>
<html lang="<?= Yii::$app->language ?>">
<head>
    <meta charset="<?= Yii::$app->charset ?>">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <?= Html::csrfMetaTags() ?>
    <title><?= Html::encode($this->title . " - " . Yii::$app->name) ?></title>
    <?php $this->head() ?>
</head>
<body>
<?php $this->beginBody() ?>
<div class="wrap">
    <?php
    NavBar::begin([
        'brandLabel' => Yii::$app->name,
        'brandUrl' => Yii::$app->homeUrl,
        'options' => [
            'class' => 'navbar-inverse navbar-fixed-top',
        ],
    ]);
    echo Nav::widget([
        'options' => ['class' => 'navbar-nav navbar-right'],
        'items' => [
            ['label' => 'Home', 'url' => ['/site/index']],
            // ['label' => 'About', 'url' => ['/site/about']],
            // ['label' => 'Contact', 'url' => ['/site/contact']],
            ['label' => 'Signup', 'url' => ['/site/signup'], 'visible' => Yii::$app->user->isGuest],
            Yii::$app->user->isGuest ? (
                ['label' => 'Login', 'url' => ['/site/login']]
            ) : (
                '<li>'
                . Html::beginForm(['/site/logout'], 'post')
                . Html::submitButton(
                    // The name is entered by the user at signup and submitButton()
                    // does not HTML-encode its content, so encode it here.
                    'Logout (' . Html::encode(Yii::$app->user->identity->name) . ')',
                    ['class' => 'btn btn-link logout']
                )
                . Html::endForm()
                . '</li>'
            )
        ],
    ]);
    NavBar::end();
    ?>
    <div class="container">
        <?= Breadcrumbs::widget([
            'links' => isset($this->params['breadcrumbs']) ? $this->params['breadcrumbs'] : [],
        ]) ?>
        <?= Alert::widget() ?>
        <?= $content ?>
    </div>
</div>
<footer class="footer">
    <div class="container">
        <p class="pull-left">&copy; My Company <?= date('Y') ?></p>
        <p class="pull-right"><?= Yii::powered() ?></p>
    </div>
</footer>
<?php $this->endBody() ?>
</body>
</html>
<?php $this->endPage() ?>
The index page:
<?php
/* @var $this yii\web\View */
$this->title = 'My Yii Application';
?>
<div class="site-index">
    <div class="jumbotron">
        <h1>Boosting Web App Security with Email Service</h1>
        <p class="lead">Create an account and verify email address. To login, you are
        required to provide your email address and password, then enter the code sent to you via
        email</p>
    </div>
    <div class="body-content">
    </div>
</div>
Sign up page:
<?php
use yii\widgets\ActiveForm;
use yii\helpers\Html;

$this->title = "Create new account";
$this->params['breadcrumbs'][] = $this->title;
?>
<div class="row">
    <div class="col-md-4 col-md-offset-4">
        <div class="panel panel-default">
            <div class="panel-heading">
                <h3 class="panel-title">Signup</h3>
            </div>
            <div class="panel-body">
                <?php $form = ActiveForm::begin(); ?>
                <?= $form->field($model, 'name') ?>
                <?= $form->field($model, 'email_address') ?>
                <?= $form->field($model, 'password')->passwordInput() ?>
                <?= $form->field($model, 'confirm_password')->passwordInput() ?>
                <div class="form-group text-center">
                    <?= Html::submitButton('Register Account', ['class' => 'btn btn-default']) ?>
                </div>
                <?php ActiveForm::end(); ?>
            </div>
        </div>
    </div>
</div>
Email verification code sent:
<?php
$this->title = "Successful";
$this->params['breadcrumbs'][] = $this->title;
?>
<p class="text-success lead">Account created successfully!</p>
<p>We have sent you an email to confirm your account. Please check your inbox.</p>
The token is sent to the user's email. After the user logs in to their email and clicks
the token link, this code displays a successful registration.
<?php
/* @var $this yii\web\View */
use yii\helpers\Html;

$this->title = 'Successful verification';
$this->params['breadcrumbs'][] = $this->title;
?>
<div class="site-about">
    <h1><?= Html::encode($this->title) ?></h1>
    <p>
        Your account has been verified.
    </p>
</div>
When the user comes to log in, perhaps from another device, the user also has to verify
that the account belongs to them by using the one-time code verification.
One-time verification source code.
<?php
/* @var $this yii\web\View */
/* @var $form yii\bootstrap\ActiveForm */
/* @var $model app\models\LoginForm */
use yii\helpers\Html;
use yii\bootstrap\ActiveForm;

$this->title = 'Login';
$this->params['breadcrumbs'][] = $this->title;
?>
<div class="site-login">
    <?php $form = ActiveForm::begin(); ?>
    <div class="row">
        <div class="col-md-4 col-md-offset-4">
            <div class="panel panel-default">
                <div class="panel-heading">
                    <h3 class="panel-title">Login</h3>
                </div>
                <div class="panel-body">
                    <p>Please fill out the following fields to login:</p>
                    <?= $form->field($model, 'email_address')->textInput(['autofocus' => true]) ?>
                    <?= $form->field($model, 'password')->passwordInput() ?>
                    <?= $form->field($model, 'rememberMe')->checkbox() ?>
                    <div class="form-group text-center">
                        <?= Html::submitButton('Login', ['class' => 'btn btn-primary', 'name' => 'login-button']) ?>
                    </div>
                </div>
            </div>
        </div>
    </div>
    <?php ActiveForm::end(); ?>
</div>
After verifying, the user can access the web application:
<?php
?>
<div class="index-loggedin">
    <div class="jumbotron">
        <h1>Boosting Web App Security with Email Service</h1>
        <p class="lead">You are now logged in!</p>
    </div>
</div>
