Thursday, May 31, 2012
ADMINS: Protect your websites from hackerz... | [Basic Tips] |
Do you like this story?
guyz you are still not protected if your using j00mla website hackerz will hack and deface your websites!!
hackerz can hack you by scanning vulnerability of your websites!!
so here are some ways to protect yourself -:
1.Hide E-mail address
This one is a bit more troublesome to some business owners. You want your email address to be available for your customers and prospects. However, hackers like to use email addresses to get into your site. Many experts recommend NOT publishing your email address anywhere. Instead, they recommend using a contact form.
2. Fixing vulnerability
2. Fixing vulnerability
acunetix this toolkit will hep you to scan vulnerability of your webites
As many as 70% of web sites have vulnerabilities that could lead to the theft of sensitive corporate data such as credit card information and customer lists.
Hackers are concentrating their efforts on web-based applications - shopping carts, forms, login pages, dynamic content, etc. Accessible 24/7 from anywhere in the world, insecure web applications provide easy access to backend corporate databases.
Firewalls, SSL and locked-down servers are futile against web application hacking!
Web application attacks, launched on port 80/443, go straight through the firewall, past operating system and network level security, and right in to the heart of your application and corporate data. Tailor-made web applications are often insufficiently tested, have undiscovered vulnerabilities and are therefore easy prey for hackers.
Hackers are concentrating their efforts on web-based applications - shopping carts, forms, login pages, dynamic content, etc. Accessible 24/7 from anywhere in the world, insecure web applications provide easy access to backend corporate databases.
Firewalls, SSL and locked-down servers are futile against web application hacking!
Web application attacks, launched on port 80/443, go straight through the firewall, past operating system and network level security, and right in to the heart of your application and corporate data. Tailor-made web applications are often insufficiently tested, have undiscovered vulnerabilities and are therefore easy prey for hackers.
Download HERE
3. Robots.txt
This simple little line of code accomplishes something quite effective. It tells search engines to index certain pages and to not index others. If your pages are not indexed, no one – including hackers – will be able to easily find them. So what pages do you want to keep private? Any webpage that is meant for webmasters only.
4.Check what you upload [files checking!!]
Does your admin allow you to upload files to your server? This is what a hacker wants – then they can upload their backdoors. If you are expecting to upload images check the file is an image (jpg, gif etc). If it is meant to be PDF validate that. Then, rename the file to hide it! For example picture.jpg might become 1.jpg.
5. Passwords
Your site admin must have a strong password – never ‘password’ or other obvious words. A medium strength password will include a combination of numbers and letters, ideally using upper and lower case letters. Make it stronger by including other characters, such as @ – ? etc. Anything that you can add that means your password is not a straight forward word or two can really improve it.
Ideally, also sign on with a user name that is not obvious – not ‘admin’, ‘administrator’ and so on. This way the hacker must guess user name and password. And if you can move your administration area to an unusual directory, then the hacker might not even be able to find it!
6. protect the Source
Protect your source code from hackers who can simply cut and paste it to create a new site. There are simple scripts you can use to protect your source code and to keep it invisible.
If you’re unsure how to manage any of these steps, contact your website developer or host. They should be able to guide you through the necessary steps. Protecting your website from hackers is a hassle but not nearly as much as a hassle as recovering from being hacked!
7. File Permissions!!
Make sure the permissions on your uploaded files are set to chmod. If you’re not sure how to do this, check with your web host. It’s generally a simple setting choice on your server.
