Protect Your Site Or suffer the consiquences

[iGuest 3]

oooooo man thnx for these nice security tips. gr8

[twitch 0]

Your welcome, and twitch is me, I just left a while ago and my account got deleted (with help from m^e). There is no 100% way of protecting your website, you need to just make sure you have every possible security hole closed in order to keep it as safe as possible. Things like the honeypot project are great examples of leading website security. Also use little hints and tips on webmaster sites concerning SQL and the such, like closing instances, etc. I didn't actually realise how insecure a lot of peoples websites are, until I did a slightly long security research.

[YudzzY 0]

wow! thats so awesome info we got here! although we know it, we leave the mistakes in there! nice yu pointed it out, i'm gonna make the necessary and protect folders and all that! thanks there for the info ;-)

[Sarah81 0]

I dont think there is much a hacker can do to most of us other than mess up our sites. Unless ofcourse you have a bunch of vital information. A hacker wouldnt bother with my site lol

1064309636[/snapback]

Same with my site. If a hacker really wants to mess up my little tangents and other writing, then he or she can go for it. It's not like I don't have offline copies of my files *grins*

[twitch 0]

There have been many viruses, and one particular that comes to mind, where it replaced the homepage of people's websites with a very strange message. It hit millions of websites and did considerable, but not long-term damage. But, as you can see, even loose-ended sites have easy access.In addition to my original topic, please make sure that all your permissions on your folders/files of your account are all set properly, the last thing you want is a hacker to go through one file and make his/her way into your database.

[martyn1405241523 0]

Google Hacking.

Last December set a new foot-mark for all hackers everywhere. The Santy worm used Google to search the web for sites vulnerable to a particular form of attack. The attack was only minor and the only damage done was the text on a front page of the site being changed.. However, some 40,000+ sites were affected within...24 hours.

 

I never realized that it was soo easy to affect soo many websites in such little time.

the things that happen these days are outstandingly rediculous

Edited May 27, 2006 by szupie (see edit history)

[Emerald Green 0]

5) Think about the file extensions on your server. Ue .inc for PHP included files, for instance.

Do you mean that this is something you should do, or shouldn't do? Using .inc for PHP included files can be a security risk, because the server won't send .inc files to the PHP parser unless you specifically set it to do so. If you don't set it to parse .inc files, and a hacker happens to call up one of your include files, the file will be sent to the hacker as plain text, showing them your code. At the best, they could steal your code. At worst, they could discover a weakness in your code (or even something like your database login) and use it to hack your site. If you want to differentiate included files, it's probably best to name them something like filename.inc.php or filename_inc.php. Edited July 12, 2006 by Emerald Green (see edit history)

[austiniskoge 0]

This is really interesting! Wow...Food for thought, indeed. I'm a little behind on website security... actually, a lot behind!Thanks, twitch, for this little reminder that you've got to protect yourself. I'm definitely gonna get on it now.

[ossanzi 0]

thanks for sharing this information it is very important to keep your web site safe

[hackeriste 0]

This is really interesting! Wow...
Food for thought, indeed. I'm a little behind on website security... actually, a lot behind!

Thanks, twitch, for this little reminder that you've got to protect yourself. I'm definitely gonna get on it now.

Is SSL servers secure for pass protection!?