twitter
    Get the latest news on Software Industry...

Tips to Secure your Website from hackers and attackers

Posted by Dan on Wednesday, June 24, 2009 Labels: , , , , , , ,
If you are having your own website and have hosted it somewhere, and if you also use open source, there are chances your site get attacked and hacked. Here are the details and tips to secure your website from attackers and hackers who use Open Source like Joomla, PHPBB and other to attack your website.

Day by day, the use of internet and websites is increasing and it has become and essential part of our life. Simultaneously, the anti-social elements in the internet world like Hackers, Web Attackers and Spammers uses malware, virus and spywares for their own benefit and harm others and try to destroy the system.


For past few years, a large surge of hacking activity is taking place on targeted websites that use open source software (Specially Joomla, PHPBB and more). The attackers are using various exploits in older versions of these open source softwarea to gain access to the whole hosting account and use the hosting account to send spam or distribute malware.

Many intensive attacks also install full software like Wikis and Forums to spam search engines and these "planned" attacks are impossible to recover and as a result your hosting company may have to terminate the infected hosting accounts.
 
99% of these attacks can be avoided by following very easy steps:

1. If you have installed (or installing) PHP or CGI software to try it out (like PHPBB forum, Joomla CMS,..etc) and you no longer use this software, then simply delete it and delete its DB. If you have used Fantastico installer to install the software, then use Fantastico to do the uninstallation.

2. Same thing applies to Software plug-ins and themes, if you  are no longer using a theme/template then remove it, and if you are no longer using a plug-in then delete it

3. While installing a software or application or script on your website and hosting account, always choose user name and password for software administration different than your main hosting account user name and password. By doing this you can stop the attacker to gain access to whole hosting account or email.

4.  Always avoid using easy to guess logins like username: test and password: test or 5, 6, 7, 8, 9, 10.

5. If you have installed a software or script and want to continue using it, then keep it up to date (including any themes, plug-ins, widgets), by subscribing in the software mailing lists or RSS feeds to get any security updates and batch/upgrade of your copy of the software as soon as possible.


Did you find it useful ? Leave your comments....
StumpleUpon Ma.gnolia DiggIt! Del.icio.us Blinklist Yahoo Furl Technorati Simpy Spurl Reddit Google

0 comments:

Post a Comment