xisto Community
ackotheadvertiser

How To Defend Yourself From Being Hacked?

Hey everybody, I just checked my site's URL, and in the title there was: .::Hacked by ZaidoohNet::. and they have changed the places of the layers. Has anyone ever faced this kind of attack, and by this *BLEEP group? If so, who are they and where can I find them? Also, I logged in via FTP, and I can't seem to change the site from opening like that. I haven't promoted this site so far, and I haven't even finished it yet. I tried to overwrite all the files and it finished, but the site still looked like that. I deleted the index.html file, and it's still the same. Now I just saw that all the pages are done like that (changed layers, .::Hacked by ZaidoohNet::. in the title). Do they know my account hosting (Zymic.com) password or something? And how can I fix my pages from looking like that and defend myself in future? How can other people defend from similar attacks? Thanks

Well, you could always get protection from your host, or you could put it on yourself, like putting a fake IP on your website address. But just look around on Google and your forum maker's website to look for security tools.

Usually these kinds of 'hackers' know of security holes in common and shareable scripts, so, as the guy up here said, which is the code you were using, and also which is your URL? If you can't log in, try submitting a message to support; they should be able to help you out with that.

I have had a site hacked a time or two over the years. All have been from really bad hosts that had a very poor firewall or none at all. Why these groups love to do this is a Bleeping joke. But it is a way of life here in the World Wide Parking Lot. Like the bumper sticker says: Beep Happens.

The easiest way for a person to modify a file on a website which he doesn't own is if the file has permissions to allow anyone to modify the file and if the file can be accessed through a browser. Another way is through SQL injection due to either bad or ignorant coding methods. These are the common methods of "hacking" a website. If you're using a flat-file CMS, one method you can take in protecting your website is by placing all editable files outside of your public_html folder; that is, place them in the parent folder of public_html and just have files include them, by (for example) PHP's include statement. That way, the only other method of accessing these files would be by exploiting any CMS that edits these files. If you're using an SQL-based CMS, make sure it's up-to-date. However, being up-to-date doesn't get rid of all security issues (probably even the one you want solved) and may introduce new ones, since introducing new features can have that effect on scripts. But these modifications don't always cause new security issues, and tend to fix other known issues, and if new security issues are introduced, they may be small or insignificant. The 100% sure way of not being hacked is to disconnect yourself from the internet, but since that is obviously not desired, you'll have to rely on these methods.

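Added example (not part of the post above, and not any CMS's own code): a small Python audit that walks a web root and reports the two conditions that post describes, entries writable by anyone and editable data files sitting inside public_html. The extension list and the sample folder layout are assumptions constructed for the demonstration.

```python
import os
import stat
import tempfile

# Assumption: extensions a flat-file CMS might use for its editable data.
DATA_EXTENSIONS = {".txt", ".json", ".db", ".ini", ".dat"}

def audit_webroot(webroot):
    """Return sorted (relative_path, finding) pairs for risky entries."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(webroot):
        for name in dirnames + filenames:
            full = os.path.join(dirpath, name)
            mode = os.lstat(full).st_mode
            if stat.S_ISLNK(mode):
                continue  # permission bits on a symlink are not meaningful
            rel = os.path.relpath(full, webroot)
            if mode & stat.S_IWOTH:
                findings.append((rel, "world-writable"))
            ext = os.path.splitext(name)[1].lower()
            if stat.S_ISREG(mode) and ext in DATA_EXTENSIONS:
                findings.append((rel, "data file inside web root"))
    return sorted(findings)

def build_sample_site(base):
    """Constructed layout: public_html plus a private data folder beside it."""
    webroot = os.path.join(base, "public_html")
    layout = [
        (os.path.join(webroot, "uploads"), None, 0o777),
        (os.path.join(webroot, "index.php"), "<?php include '../data/pages.txt';", 0o644),
        (os.path.join(webroot, "pages.txt"), "old copy", 0o666),
        (os.path.join(base, "data"), None, 0o700),
        (os.path.join(base, "data", "pages.txt"), "page content", 0o600),
    ]
    for path, content, mode in layout:
        if content is None:
            os.makedirs(path)
        else:
            with open(path, "w") as handle:
                handle.write(content)
        os.chmod(path, mode)
    return webroot

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as base:
        for rel, finding in audit_webroot(build_sample_site(base)):
            print(f"{finding}: {rel}")
```

The copy of pages.txt in the data folder beside public_html is never reported, because the walk only covers what a browser can reach.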

The one which I think is easiest to hack or exploit is "Invision Power Board", if you don't patch up the holes etc. on the forum. Also, the database can become a big target for hackers.

Yes, hacking the database and taking all the info from it is usually a bad thing to happen; passwords usually are encrypted, but not names, addresses, emails, etc. A very common site hacking is when, due to the host, it's possible to put an index.html file in a public_html directory and the front page changes as if it was hacked :D a lot of people get scared..

Firstly, it is important to use a secure password. There are programs available which will bruteforce (guess) your password via FTP (which is infeasible if you're using web-hosting from Xisto due to the automatic IP ban after several failed login attempts), and of course it is possible that someone wrote a script to bruteforce your password if you have a login script on your website. You should try to have letters, numbers, and also symbols in your password, and ensure that it isn't something that would be able to be found with a wordlist (using a random combination of characters is best). If you have manually coded your website (or parts of it), look for any places where SQL injection could take place. You should look at every parameter passed by the user and ensure that all the data is sanitized. On top of this, you should ensure that passwords stored in a database are hashed securely - a hash like SHA1 would work fine.

If you're running any pre-made scripts (forums, CMS, etc.), you should always make sure they are up to date. Some such scripts will automatically search for updates (such as Drupal, with a cron job), but if the scripts your website uses don't, then it is important to either regularly check for updates or subscribe to a feed which will inform you of updates (if available). Running an old version will likely mean that there are security vulnerabilities (which is why there would be a newer version!)

The database is the easiest part of the forum to hack (I saw it on some site I know :D) But that can be easily protected!

What forum are you talking about?

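Added example (not part of the post above): a login lookup written once with user input pasted into the SQL text and once with parameter binding, plus a stored password check. It uses Python's sqlite3 with a constructed in-memory table, and it hashes with salted PBKDF2-HMAC-SHA256 from the standard library, which is a substitute chosen for this example rather than the SHA1 named in the post; the table layout, account and iteration count are assumptions.

```python
import hashlib
import hmac
import os
import sqlite3

ITERATIONS = 200_000  # assumption: tune to what your server can afford

def hash_password(password, salt=None):
    """Derive a slow, salted hash; a fresh random salt is made per user."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest

def make_db():
    """Constructed in-memory user table holding one sample account."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, salt BLOB, pw BLOB)")
    salt, digest = hash_password("c0rrect-Horse!battery")
    db.execute("INSERT INTO users VALUES (?, ?, ?)", ("alice", salt, digest))
    return db

def find_user_unsafe(db, name):
    # Vulnerable: the user-supplied value becomes part of the SQL text.
    query = "SELECT name FROM users WHERE name = '" + name + "'"
    return db.execute(query).fetchall()

def find_user_safe(db, name):
    # Parameter binding: the value is always data, never SQL.
    return db.execute("SELECT name FROM users WHERE name = ?", (name,)).fetchall()

def check_login(db, name, password):
    """Look the user up with a bound parameter and compare hashes in constant time."""
    row = db.execute("SELECT salt, pw FROM users WHERE name = ?", (name,)).fetchone()
    if row is None:
        return False
    _, digest = hash_password(password, row[0])
    return hmac.compare_digest(digest, row[1])

if __name__ == "__main__":
    db = make_db()
    crafted = "nobody' OR '1'='1"  # constructed input containing a quote
    print("unsafe lookup:", find_user_unsafe(db, crafted))
    print("safe lookup:  ", find_user_safe(db, crafted))
    print("login ok:     ", check_login(db, "alice", "c0rrect-Horse!battery"))
```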

I found out why this is. The whole HUGE Zymic.com was hacked, and along with it, so were thousands of other sites. Anyway, as it was said at the forums, they probably made a deal with the 'hackers' by now, as the owner wanted. Now everything seems to be alright.

Loads of sites have been hacked recently. Twitter has, YouTube did but then restored it in about 5 minutes lol.
