Safari browser, viewport <meta> tag (usage), 313

Salting, 852

Sass, basics of, 334f

• nesting, 334

  • usage, 335c

• variable and types, 333–334

Saturation, 247

Scalable Vector Graphics (SVG)

• example, 266f

• file format, 264–265

Scaling images, 318, 319f

Scope. See Functions (JavaScript)

Scrapers, 936–938

• Email, 937

• URL, 936–937

• word, 937–938

Search engine optimization (SEO), 35, 83, 85, 942–955

• anchor text, 949

• black-hat, 950–955

• content, 950

• images, 949

• meta tags, 943–945

• site design, 947–948

• sitemaps, 948

• title, 943

• URLs, 945–946

• webmaster tools, 995–996

• white-hat, 943

Search engines

• anatomy of, 933–935

• black-hat SEO, 950–955

• history of, 933–935

• indexing, 938–939

• overview, 933–935

• PageRank, 939–942

• Result Order, 939–942

• reverse indexing, 938–939

• web crawlers and scrapers, 935–938

Second-level domain (SLD), 51–53

• restrictions, 53

Secure by default, 823

Secure by design, 821

Secure FTP (SFTP), 48

Secure Hash Algorithms (SHA), 850

Secure Shell (SSH), 60

• access, 895

• protocol, 48

Secure Socket Layer (SSL), 840, 911–912

• handshake, 842, 842f

Security

• authorization, 833

• CIA triad, 814–815, 815f

• common threat vectors, 860–873

  • brute-force attacks, 860–861

  • cross-site request forgery (CSRF), 868–869

  • cross-site scripting (XSS), 863–867

  • denial of service, 870–871

  • insecure direct object reference, 869–870

  • SQL injection, 861–863

• cryptography, 834–840

  • decryption, 835

  • digital signatures, 840, 841f

  • encryption, 835

  • public key, 838–839

  • substitution ciphers, 835–838

• Hypertext Transfer Protocol Secure (HTTPS), 840–848

  • certificates and authorities, 842–845

  • domain-validated certificates, 843–844

  • downgrade attack, 848f

  • extended-validation certificates, 845

  • free certificates, 845

  • migrating to HTTPS, 846–848

  • organization-validated certificates, 844–845

  • self-signed certificates, 846

  • SSL/TLS handshake, 842, 842f

  • usage, 841f

• misconfiguration

  • arbitrary program execution, 872–873

  • input attacks, 872

  • open mail relays, 871–872

  • out-of-date software, 871

  • virtual open mail relay, 872, 873f

• policy, 818

• practices, 848–860

  • audit and attack, 859–860

  • credential storage, 849–854

  • monitor your systems, 858–859

• principles, 814–825

  • authentication factors, 824–825

  • business continuity, 818–821

  • information security, 814–815

  • policies, 818

  • risk assessment and management, 815–817

  • secure by design, 821–823

  • social engineering, 823–824

• testing, 823

• theater, 824

• web authentication, approaches to, 825–833

  • basic HTTP authentication, 826f, 826–827

  • form-based authentication, 827–829, 828f

  • HTTP token authentication, 829–830

  • third-party authentication, 830–833

<select> element, usage, 208

• example, 208f

Selection methods, DOM, 422–424, 422t

Selectors, 125, 132–142

• attribute selectors, 136

• class selectors, 133–135

• contextual selectors, 139–142

• element selectors, 133

• grouped selector, 133

• id selectors, 135–136

• pseudo-class selector, 136–139

• pseudo-element selector, 136–139

• types, 137t

• universal element selector, 133

• usage, 126

SELECT

• query

  • execution, 738c

  • running, 739–740

• statement, 724–725

  • example, 725f

  • INNER JOIN, usage, 726f

Selenium testing system, workflow and architecture, 885f

Self-signed certificates, 846

Semantic

• HTML documents, creation, 81–83

• HTML markup, writing (advantages), 83

• markup, 81–83, 102

• structure elements (HTML5), 102–115

  • visualizing, 103f

Sender Policy Framework (SPF) records, 893

SEO. See Search engine optimization

Server, 17

• caching, 923–925

• farm, 19, 20f

  • example, 20f

• header, 61

• multiple, vs. virtualized server, 900f

• racks, 19

  • example, 20f

• real-world server installations, 19–23

• sample rack, 20f

• sprawl, 900

• types, 17–18

  • example, 19f

• virtualization, 899–904

• visualization, user parameters, 781f

Serverless computing, 702–704, 703f

• benefits, 704

Server-side development, 36, 604–611

• front end vs. back end, 604–605, 604f

• server-side technologies, 605–606

Server-side include (SSI), 625

Service workers, 528

Sessions, 793

• configuration, 794

• cookie, 787

• existence, checking, 796

• saving, decision, 794

• shared location (usage), php.ini configuration, 796c

• state, 792–799

  • access, 796c

  • example, 792f

  • function, 793–794

  • usage, 796

• storage, 794

  • shared location, usage, 795

sessionStorage, 524

SFTP (secure FTP), 48

Shallow copy, 384

Sharding, 770, 771f

Shared hosting, 23, 895–898

• categories, 895–898

• simple shared hosting example, 895f, 895–897

• virtualized shared hosting, 897–898

Shared location, usage, 795

SharePoint, 971, 972t

Simple Mail Transfer Protocol (SMTP), 18, 48, 872

• servers, usage, 893

Simple shared hosting, 895–897

• example, 895f

Single-factor authentication, 825

Single master replication, 769, 770f

Single-page application (SPA), 548

Single vs. Multifactor Authentication, 825

Site manager, 979

Sites. See also Websites

• advertising fundamentals, 991–995

Social engineering, 823

Social media presence, 959–960

Social networks, 955–958

• connection, 958f

• defined, 958

• email social networks, 957f

• evolution, 957–958

• integration, 958–970

• links/logos, 959

• relationships, 957

Socket.io, 696

• usage, 697f

Software as a Service (SaaS), 905

Software development life cycle (SDLC), 822f

Software framework, 546

sort(), 484, 485c

Spam bots, 226

Spanning rows/columns, 191

• examples, 192f, 193f

Specialized controls, 209–213

Specificity, 145–146

• algorithm, 147f

• example, 146f

Spoofing, 816

Spread syntax, 377

SQL, 720–733

• aggregate functions, 725

• command, 730c

• DELETE statement, 727, 728f

• example, 748–749

• GROUP BY, 725, 727f

• injection, 861–863, 861f

• INNER JOIN, 725, 726f

• INSERT statement, 727, 728f

• LIKE operator, 468

• ORDER BY, 725f

• script, running, 718

• SELECT statement, 724–725

• transactions, 727–731

  • usage, 747–748

• UPDATE statement, 727, 728f

• WHERE clause, 724, 726f

SQLite, 70, 712

• example, 718f

• tools, 719, 720f

Stage mock events, 820–821

Standards mode, 85

Start of Authority (SOA) record, 893

State

• cookies (usage), 785–786

• problem (web applications), 779–781

  • illustrating, 779f

• session state, 792–799

  • how it works, 793–794

  • Node, 798–799

  • PHP, 796–797

  • problems with, 794–795

  • session ids, 793f

  • storage, 794

State (React), 561–563

• context provider, 588–589, 591f

• hooks, 565, 567f

• Redux, 590–591, 592f

• within class component, 562f

Stateless authentication, 829, 829f

Static asset servers, 13

Static member, 649–651

• usage, 649c

Static methods, static properties (comparison), 650

Static property, 650f

Static website, 10, 11f, 15f

• example, 10f

Stemming, 939

Storage

• approches, 849c, 851c

• credential, 849–854

• password, 849f

Store, 590

Streaming server, 18

STRIDE, 816

Style guides, 337–339

• sample, 339f

Styles

• embedded style sheet, 131

• external style sheet, 131–132

• inline styles, 130

• interaction, 142–148

• sheets, types, 132

Subclass, 651

Subdomains, 53

Substitution cipher, 835

Subtractive colors, 246

<summary> element, 109, 110f

Super administrator, 979

Superclass, 651

Superglobal arrays, 652–654

• $_COOKIES, 787–789

• $_GET, 652

• if empty, 655, 656c

• $_POST, 652

• $_SESSION, 796–797

switch. . . case (PHP), 621–622

switch (JavaScript), 370c

Symmetric ciphers, 838