The process of website development starts with requirement analysis and then it passes through different phases.
Testing is one of the most important phases which is often ignored by the team. But the reality is websites or web based applications need intensive testing as it will be working as a multi- user system with bandwidth limitations. Both automated testing and manual testing is required to measure a site’s success in development.
1) Functionality Testing
This is the first level of testing which is often also called Module testing. It includes-
- Testing Links– All the outgoing links, internal links, anchor text links, emails links are tested. Broken links and orphan pages are also checked here.
- Testing Forms– Form checking is one of the vital checking items. Here form validations, default values are checked.
- Validating HTML/CSS – HTML/CSS validation is very important if the site is optimized for SE. One needs to validate the HTML for syntax error.
- Database testing – Database is tested for data integrity and data consistency. Check if all the database queries are executing correctly, data is retrieved correctly and also updated correctly.
2) Usability Testing
This is done after module testing. Usability checking is done to check if the site is easy to use. Check if all the information in the site is correct so that they satisfy purpose.
3) Interface testing
Technically interfaces of website are web server and application server interface & application server and database server interface. So the interface testing is done to check if all the interactions between these servers are executed properly. Errors are handled properly. If database or web server returns any error message for any query by application server then application server should catch and display these error messages appropriately to users.
4) Compatibility testing
Compatibility testing is a very important testing aspect. Compatibility testing is executed to check if the site is cross browser compatible, operating system compatible and mobile compatible.
5) Security testing
Before launching the site security testing is done to check all the security aspect of the site which includes-
- Test by pasting internal url directly into browser address bar without login. Internal pages should not open.
- If you are logged in using username and password and browsing internal pages then try changing url options directly. I.e. If you are checking some publisher site statistics with publisher site ID= 123. Try directly changing the url site ID parameter to different site ID which is not related to logged in user. Access should denied for this user to view others stats.
- Try some invalid inputs in input fields like login username, password, input text boxes. Check the system reaction on all invalid inputs.
- Web directories or files should not be accessible directly unless given download option.
- Test the CAPTCHA for automates scripts logins.
- Test if SSL is used for security measures. If used proper message should get displayed when user switch from non-secure http:// pages to secure https:// pages and vice versa.
- All transactions, error messages, security breach attempts should get logged in log files somewhere on web server.