  #1 (permalink)  
Old 30-09-2008, 14:15
Administrator(eUKhost.com)
 
Join Date: Nov 2006
Posts: 776
How to Prevent a Website from Being Hacked?

We've seen recently that many websites are being hacked or infiltrated. Many
websites are damaged, data is stolen and even rankings are lost. Even if web
hosts claim that their servers are secure and safe, the website owner is
responsible as well in this regard.

Different kinds of hacks, their purpose and how they can affect you.

XSS

Weak security of HTML code and client-side scripts is a major cause of this
kind of vulnerability. This is typically found in web applications
which allow code injection by malicious web users into the web pages viewed
by other users. HTML, JavaScript, VBScript and ActiveX are considered the major
culprits of this exploit.

SQL Injections

This vulnerability specifically occurs in the database of an application. It is
used to inject an SQL query/command as input via web pages. SQL injection
allows an attacker to send a crafted user name and/or password field which
changes the SQL query.

Defacing

Defacement is nothing but a substitution of a web page or home page by
hackers. This is mainly done by a group of hackers to steal content and other
information. They mainly target web servers and their operating systems, which
is seen in all previous attacks.

Security Tips:-

These tips are basically for the websites which are hosted on shared
servers/environment.

1. Always use the latest updated software:-

Avoid using older versions of software as they are insecure. Use the latest
release, which includes a few security fixes and functionality as well.

2. 3rd Party Scripts and Code
Plugins, widgets or any other code you usually install are written by other
people under unknown circumstances. Some may be great, some may have
security holes. Make sure you research any code you wish to use but you
haven't written yourself. Do a few Google searches before using such code to
verify how secure the code actually is.

3. Your Own Fault
This is one of the biggest reasons for identity theft and an easy way for
someone to fetch confidential details of your site(s). Your personal computer
could well turn out to be a weak link in this. It could be anything, from an
infected PowerPoint file to someone phishing your account details; the
vulnerabilities are too many to consider. No matter how secure your actual
website is, if the machine you use to access, log in and edit your web pages
is infected, you stand a grave risk of being compromised, and the outcome may
be more than just the effect on your site.

Use antivirus scans, clear logs, secure your passwords and be aware of
general security issues. Public wifi spots are also a security risk.

4. Secure Passwords
A secure password goes a long way in making it difficult for a potential
infiltrator to intrude. Your passwords should always be a combination
of letters, numbers and special characters. The longer the password, the
better. You can also generate a random password, which is even more secure.

5. Checking Your Logs Regularly

If you spot any unusual traffic spike in your website stats (ranking for
gambling, pharmaceuticals and sex terms is a common one), try working out
where it is coming from and going to. From there you can make sure
whether it is a hack.

6. Backups:-
Taking backups regularly won't alone protect your website from being hacked. In case of a hack you will need to take care of the following:-

* Records of IPs accessing your website

* Pre-hack backup of your website including the latest updates.

With eUKhost backup plans you can make backups of your website daily or weekly as per your requirements. You would be able to use the latest backup you had on the backup space.

7. Don't Put All Your Eggs in One Basket

Grab yourself a VPS or a multi reseller account where you can spread your websites under different sets of IPs. You can also host your websites on different C class IPs.

8. Learn More

Stop thinking and learn from more articles to resolve such problems and hacks. Here are a couple of helpful resources:-

Trend Micro

Apache Security

MySQL Security

Last edited by Jack; 30-09-2008 at 14:17.
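
The "crafted user name which changes the SQL query" from the SQL Injections section above, as an added example that is not part of the original post: a login check built by string concatenation beside the parameterized form that fixes it. The table, column and function names are hypothetical, SQLite stands in for the site's database, and the fixed salt exists only to keep the example short.

```python
import hashlib
import sqlite3

DEMO_SALT = b"constructed-demo-salt"  # assumption: real code uses a per-user salt


def digest(password):
    """Derive the stored password digest (simplified for the example)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), DEMO_SALT, 10_000).hex()


def make_db():
    """Build an in-memory database holding one constructed account."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, pw_digest TEXT)")
    db.execute("INSERT INTO users VALUES (?, ?)", ("alice", digest("correct horse")))
    return db


def login_concatenated(db, name, password):
    # Vulnerable: the user name is pasted into the SQL text, so a quote
    # character in it ends the string literal and rewrites the query.
    sql = ("SELECT name FROM users WHERE name = '" + name +
           "' AND pw_digest = '" + digest(password) + "'")
    return db.execute(sql).fetchone() is not None


def login_parameterized(db, name, password):
    # Hardened: both values are bound as data; whatever the user types,
    # the query text the database parses stays exactly this string.
    sql = "SELECT name FROM users WHERE name = ? AND pw_digest = ?"
    return db.execute(sql, (name, digest(password))).fetchone() is not None


if __name__ == "__main__":
    db = make_db()
    crafted = "alice' --"  # closes the quote and comments out the password test
    print("concatenated :", login_concatenated(db, crafted, "wrong"))   # True
    print("parameterized:", login_parameterized(db, crafted, "wrong"))  # False
```
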
  #2 (permalink)  
Old 30-09-2008, 14:49
Senior Member
 
Join Date: Dec 2007
Posts: 355

Thanks for these very important tips. I would also like to know what are the preliminary signs of a website being hacked... I mean, how can we know that the site has been hacked, or the bandwidth is being stolen...

You can also add more such questions and make this thread a sort of FAQ.

Thanks again!
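
One way to check for the sign named in tip 5 of the first post (search traffic arriving for gambling, pharmaceutical or sex terms), as an added example that is not part of the thread: it reads access-log lines and counts which pages received visits from such searches. It assumes the Apache "combined" log format; the term list, the `search.example` referrer and the sample lines are constructed.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qs

# Combined format: ip - user [time] "METHOD path proto" status bytes "referrer" "agent"
LINE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?:\S+) (?P<path>\S+)[^"]*" '
    r'\d{3} \S+ "(?P<ref>[^"]*)" "[^"]*"')

# Assumed starter list for the categories the post names; extend it for your site.
SPAM_TERMS = {"casino", "poker", "viagra", "pharmacy", "porn"}


def spam_search_hits(lines):
    """Count (landing path, term) pairs for visits that came from a search
    whose query contained one of SPAM_TERMS."""
    hits = Counter()
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # not a combined-format line
        query = parse_qs(urlsplit(m["ref"]).query)
        words = set()
        for key in ("q", "query", "p"):  # common search-query parameter names
            for value in query.get(key, []):
                words.update(re.findall(r"[a-z0-9]+", value.lower()))
        for term in sorted(words & SPAM_TERMS):
            hits[(m["path"], term)] += 1
    return hits


# Constructed sample lines (documentation IP ranges, made-up paths).
SAMPLE = [
    '203.0.113.7 - - [30/Sep/2008:14:15:02 +0000] "GET /forum/old-page.php HTTP/1.1" 200 5120 "http://search.example/search?q=cheap+viagra+online" "Mozilla/5.0"',
    '198.51.100.23 - - [30/Sep/2008:14:16:40 +0000] "GET /forum/old-page.php HTTP/1.1" 200 5120 "http://search.example/search?q=online+casino+bonus" "Mozilla/5.0"',
    '192.0.2.10 - - [30/Sep/2008:14:17:05 +0000] "GET /index.php HTTP/1.1" 200 2048 "http://search.example/search?q=uk+web+hosting" "Mozilla/5.0"',
    '203.0.113.9 - - [30/Sep/2008:14:18:11 +0000] "GET /forum/old-page.php HTTP/1.1" 200 5120 "http://search.example/search?q=buy+viagra" "Mozilla/5.0"',
    '192.0.2.44 - - [30/Sep/2008:14:19:30 +0000] "GET /contact.php HTTP/1.1" 200 900 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for (path, term), count in spam_search_hits(SAMPLE).most_common():
        print(f"{count:3d}  {term:10s} {path}")
```

A page that suddenly collects hits here, although its real content has nothing to do with those terms, is the one to compare against the pre-hack backup.
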
  #3 (permalink)  
Old 02-10-2008, 00:28
Rock's Avatar
Technical Support (eUKhost.com)
 
Join Date: Oct 2006
Location: localhost
Posts: 3,356

Quote:
Originally Posted by sb123 View Post
Thanks for these very important tips. I would also like to know what are the preliminary signs of a website being hacked... I mean, how can we know that the site has been hacked, or the bandwidth is being stolen...

You can also add more such questions and make this thread a sort of FAQ.

Thanks again!
Truly said! We'll be adding more material to this thread as days pass and then stick it as a "Complete FAQ for securing a website from being hacked".
Such helpful contributions from other members/sources would be more than welcome.
__________________

Rock _a.k.a._ Jack
  #4 (permalink)  
Old 11-10-2008, 10:46
Senior Member
 
Join Date: Dec 2007
Posts: 355
Website Security Questions

Model Questions

General Questions:
  • How do I secure my site?
  • What is False Negative?
  • What is False Positive?
  • What is Hacker?
  • What is HTTP TRACE?
  • What is secure site?
  • What is Security Fuzzer?
Types of Vulnerabilities:
  • What is Blind SQL Injection?
  • What is Command Execution Vulnerability?
  • What is Cross Site Request Forgery?
  • What is Cross Site Scripting?
  • What is Server Side Include Injection?
  • What is Session Fixation Attack?
  • What is SQL Injection?
  • What is XPath Injection?
  • What is XSS?
Application Firewalls:
  • What is a Web Application Firewall?
Application Scanners:
  • What is a CGI Scanner?
  • What is a Web Application Security Scanner?
Other Common Questions:
  • What is HTML Injection?
  • Is PC and web security compromised if I use the AutoComplete feature to input login and password details?

***

What are the solutions to these? Which of the solutions (obviously, free or very inexpensive ones that will also help the site ) should be implemented on a general website and also commercial website, and how?

Any other questions that should be added to the above?

Thanks!
Last edited by sb123; 11-10-2008 at 12:06.
  #5 (permalink)  
Old 11-10-2008, 10:56
Senior Member
 
Join Date: Dec 2007
Posts: 355

One related question on security of my PC:

Whenever I have to Submit Post or Submit Reply on this forum (and also on the blog), I have to shut down my Sygate Personal Firewall.

If I keep it on, it doesn't allow activation of the submit procedure and then the page is timed out. If I close the firewall, which then forms a security hole on my PC, the submit procedure works. Why is this so?

I must keep the Firewall on. I trust the Sygate Personal Firewall. But if you have different suggestion that will help me submit especially on this forum and blog, without having to close the firewall, I will try that too.

The Windows XP Firewall is always on but I would like to keep it off.

Apart from that, I have AVG version 8.0.173 always on.

Please advise ASAP.

Thanks and God Bless!
  #6 (permalink)  
Old 11-10-2008, 18:42
eUK-Martin's Avatar
Windows System Administrator
 
Join Date: Nov 2005
Location: Earth
Posts: 628

I am really not sure how your firewall is related to the submission of posts on a blog/forum, as firewalls are more about network connections, and it should be your antivirus that should prevent you from submitting a post, since some antivirus programs do not allow cookies to be saved on the machine.

Do you have this problem on all Forums/blog or is it just eUKhost..?
__________________
Martin
Chief R & D Officer.

  #7 (permalink)  
Old 12-10-2008, 03:40
Senior Member
 
Join Date: Dec 2007
Posts: 355

I am trying to see if the combination of keeping the Sygate Firewall on and closing the AVG will allow me to post.

But every time I have the Sygate firewall on, it prevents me from posting, and as soon as I close it and hit the submit button again, the submit button works.

I am also trying to find the one other similar complaint that I saw on another forum.

Just now I successfully tried posting on the DP forum. I use the same ID on that forum. (Sygate on, AVG on = Submit was successful there).

---

Now trying to post this with the parameters on. (Sygate on, AVG on): ... ... FAILED.

The submit was not successful. I got the message when I tried the button (I am using Firefox 3, and this happens every time when I try posting on this forum):

=====
"Connection Interrupted

The connection to the server was reset while the page was loading.

The network link was interrupted while negotiating a connection. Please try again."

=====

And immediately, I closed the Sygate firewall, logged in again to this forum, got what I had written for this post and tried the submit button. The posting was successful! Nothing else was changed.
(Sygate OFF, AVG on = Submit was successful here).

I am stumped!
Am trying to find another firewall that will allow me to post without shutting it off. But please reply if you find a solution to this peculiar problem.


====

Another peculiar aspect:

I tried to EDIT this post with (Sygate firewall on, AVG on) and that was also SUCCESSFUL! Only the submit fails!

(I don't also take a lot of time in typing my response while posting which can possibly stop my internet connection due to idle time or whatever! I purposefully waited for about 5 minutes before "saving" this, and still it went through successfully).



Now, I just edited this post and changed just one word and saved. It worked! (This activity only took a second or two. The Sygate firewall was on!).

The DP post also took me about 2 or 3 minutes to post, almost same as my time here.

Does this "SUBMIT" or "SAVE" button have a time limit set for posting? Or, is there anything wrong on my Sygate?

I use AirTel's 'unlimited broadband internet connection' and have no connection problems with that.
  #8 (permalink)  
Old 12-10-2008, 04:03
Senior Member
 
Join Date: Dec 2007
Posts: 355

Trying again with firewall on.

====
The above was the 1-line post that got through even with the firewall on. Time to write the above line was less than half-a-minute.

I am re-editing this post now.
P.S.:

I Think I Got it.

This post's initial "submit" got through with the Sygate on. The time taken to write the initial post (only the 1st line up there) was less than half a minute. It got through.

There is definitely some sort of time-limit set for posting, or that my firewall has some problems/bugs. I take lot of time for posting on DP - also with the Sygate firewall on - but have never faced this problem there.

I purposefully took a lot of time to edit this post - about 5 minutes - with the firewall on, and it failed to go through. I shut off the firewall now and the "save" is successful. Haven't changed any internet connection settings.
  #9 (permalink)  
Old 12-10-2008, 21:51
eUKhost.com's Avatar
Chief Marketing Officer
 
Join Date: Sep 2005
Posts: 5,925

I'd suggest you consider System Mechanics Pro, as it comes with a combo package of Firewall, Anti-Virus and some highly recommended Windows Maintenance tools which help you to keep your system performing like a brand new computer.

You can download 30 day trial version from iolo technologies - The PC Tune-Up Experts
  #10 (permalink)  
Old 13-10-2008, 05:19
Senior Member
 
Join Date: Dec 2007
Posts: 355

Thank you dear Mark,

I will try this trial option too. I knew about Iolo's System Mechanic Professional, but the price is still out of my reach. At $70 for the first year, and thereafter $40 for each year, it's a bit too expensive.

I know it will give me other important features too, but at present I will carry on with the drawback of shutting off my Sygate Personal Firewall for just about a minute while submitting on the forum. I think, even the Sygate has been taken over by Symantec and the firewall is not free anymore.

Thanks again for your kind advice. God Bless!
  #11 (permalink)  
Old 13-10-2008, 09:52
DavidAllen's Avatar
Premium Member
 
Join Date: Jan 2007
Location: Amersham
Posts: 505

I use Zone Alarm - no problems with submitting the form (and it's free).
My only thought on your problem is that maybe something in the javascript in the form submit is somehow annoying Sygate
__________________
David Allen - www.serina.co.uk
  #12 (permalink)  
Old 13-10-2008, 10:48
Senior Member
 
Join Date: Dec 2007
Posts: 355

Quote:
Originally Posted by DavidAllen View Post
I use Zone Alarm - no problems with submitting the form (and it's free).
My only thought on your problem is that maybe something in the javascript in the form submit is somehow annoying Sygate
Thanks David

I will try Zone Alarm and test it thoroughly. But as I am leaving for Bombay in about 3 hours from now it will have to wait 'til Saturday when I come back.

God Bless & Keep Smiling!
Tags
prevent website hacks, website security

