+- Support Forums (https://www.supportforums.net)
+-- Forum: Categories (https://www.supportforums.net/forumdisplay.php?fid=87)
+--- Forum: Virus Protection, Removals, and HJT Team (https://www.supportforums.net/forumdisplay.php?fid=56)
+---- Forum: Computer Security, Firewalls, and Antivirus (https://www.supportforums.net/forumdisplay.php?fid=10)
+---- Thread: Advice to stop your site getting hacked. (/showthread.php?tid=679)
Advice to stop your site getting hacked. - bladerboy6000 - 10-08-2009
Step 1
GET SOME BASIC HACKING AND WEB DEVELOPING KNOWLEDGE! This is where most developers fail. If you have information on how hackers comprimise sites, you can be one step ahead.
Step 2
Use an IP tracker and get a program to upload IP logs to your server. If your site gets comprimised and they delete your logs, have a backup somewhere. I set my site to upload all my logs to 110MB.
Step 3
Search various cracking/hacking sites (Here, Milw0rm, Metasploit, etc) for known exploits in pieces of software you might use. (Like the shoutpro shoutbox.) I use serendipity for my sites as that is fairly hackproof and comes with shoutboxes, etc that has not many known exploits.
Step 4
DO NOT PROGRAM IN .ASP! .asp is a known method of entering a sites admin via simple SQL injection. I use PHP as this is a new language and is used by more GOOD developers. As good as .ASP is, it does suck at the security aspect.
Step 5
If you do get hacked and the defacers leave their email, DO NOT TRY TO REASON WITH THEM! You will get fudged in the ass by the hackers most probably. One last final tip, don't put any material on your site that might offend anyone easily.
HTH,
-Joe
P.S. This took about five minutes and was just a quicky to help people. So, its not the best ever. It origininated from my thread in HF.
RE: Advice to stop your site getting hacked. - Anthem. - 10-08-2009
Also, Check for exploits that could affect your site regularly.
Exploit Search Engine
RE: Advice to stop your site getting hacked. - Xch4ng3 - 10-08-2009
To add to that, run penetration tests using something like Acuentix once in a while.
RE: Advice to stop your site getting hacked. - bladerboy6000 - 10-09-2009
Thanks.
RE: Advice to stop your site getting hacked. - i_love_man - 10-09-2009
Thanks alot. This is quite helpful
RE: Advice to stop your site getting hacked. - bTwornR - 10-09-2009
Thanks for your advise!
Quite good!
I´ll maybe post some security checking tools here!
RE: Advice to stop your site getting hacked. - bladerboy6000 - 10-10-2009
Sure.
RE: Advice to stop your site getting hacked. - Combo - 10-10-2009
Thanks good information.
RE: Advice to stop your site getting hacked. - jamessens - 11-10-2009
Hi Blader boy.
This is James. I like the information you provided on the forum. I am thankful of you for such a nice help. I want to ask that is it effective what you have written in that. I am using windows xp in the system and spares most of the time on the Internet.
Thanks and share other ideas here.
RE: Advice to stop your site getting hacked. - ktmrider530 - 11-10-2009
I have defaced a couple sites, and your step 4 is flawed. Even if you code in PHP you will always be vulnerable to a c99 shell or any shell for that matter. True it will stop many of the more skid like "hackers" but i know someone who can hack damn near everything he has tried.
Everything is vulnerable, it's just a matter of finding it.