| Abstract | Web applications are so pervasive nowadays that anyone who has a web-enabled device can access any sites they like.  These  sites  ranges  from  social  connections,  national  election  data  to health  care  companions.  Thus,  it  is imperative that for these websites to truly serve the purpose they intended, a layer of security against the malicious individual  must  be  implemented.  Reports of  website  hacking  are  ringing  bells  around  theglobal  news  whose attackers areunknown.Although open-source  MVC  frameworksimplemented a  security  mechanism,  there  are  issues  in  which  if  not considered by the web site developer can lead to breach of security just like what happened to exposed websites. The  main  problem  with mainstream  MVCframeworks  is that, if  not  configured  carefully, it  is a  single-point  of failure. |