Hacking / Hackers / RFI / SQL Injection
Hacking / Hackers fancy term I always like to hear but when comes to me bit terrified . Today morning one of my site got suspended with no reason . I contacted the host monster support for clarification . They said ur site was hacked and ur account is temporarily suspended . What kind of hack ? Phishing in my site . The name suggests they looking for fish in my site such as credit card , username , password details .
Now I have to rectify that malfunction of my site which is very easy ( probably need to delete some of the new directories which is not created by me and chmod permissions ) . But the biggest task need to find the root cause of the problem . Whole day I was crawling all the sites to get useful information and I got two or three documents from hostmonster itself . So I am sharing with you for ur information .
How to prevent your site from getting hacked. How to repair a damaged site. Website security precautions: http://25yearsofprogramming.com/blog/20070705.htm
PHP Security fixes for your site: http://helpdesk.hostmonster.com/kb/index.php?x=&mod_id=2&id=271 - pay particular attention to the link for blogs at the bottom of the page.
If you have a knowledgeable programmer who can help you with this, have him review the following article and take the appropriate steps.
Tech project finds Top 25 coding flaws that let hackers in: http://www.usatoday.com/tech/news/computersecurity/2009-01-12-coding-flaws-hackers_N.htm
After the whole day , I found my site exposed to RFI (Remote File Inclusion) attack . In short term RFI means some malicious users can run the PHP code on your webserver . How to stop this attack ? this done by proper php settings (php.ini) and modify your .htaccess on your public_html directory .
So action item for all of us .. Go and secure your websites from hackers [;)]
Recent Comments