01-10-2008, 06:59 AM   #1
DarkMindZ
General Security

This is just general security that you should know:


[-] Shared Hosting?

If you are on a shared host, meaning you have other websites on the same server, you can never be too paranoid.

That's why, if you run a CMS / forum, or anything that needs MySQL access, your password is most probably in plaintext in a file, and all the sites on that server most likely can have access to that file... sucks, eh?


Well, there are some solutions:

- Move the config file that contains the pass / user to the user directory. Example:

/home/darkmindz/public_html/config.php << that's where it usually is.

You can move it to:

/home/darkmindz/config.php

That makes it much harder for the attacker to get the file, unless he roots the server or knows exactly what the filename is...

The next solution is:

Encrypt your files. You can use Zend or IonCube, or some other custom encryption. You can look that up; we are not going deep into it.

[-] Been Hacked?

Well, if you have been hacked once, you can't just get your backups up and move on with your life... wrong!

You will need to look for backdoors. If you can delete ALL the files on your site and get new files from a backup, it would be much better, but if you can't, then you need to check for the files the `hacker` could have edited. In most cases, the `hacker` would be using a c99 PHP-Shell to go over your files and edit them.

So, let's see what files he could have edited. You can do that by looking in your SSH / FTP for writable files. An easier way is just to look at your files the way the `hacker` saw them.

You can upload a c99 PHP-Shell to your site and look for the green perms files; those are editable. Then you can either replace those files with new ones or, if you know what to look for, open them up and look for backdoors left by the hacker.

Now, I don't really have to say this, but...

Change all your passwords. FTP, SSH, cPanel, Admin panel. EVERYTHING.

[-] The best way to secure yourself is to know what the attacker is looking for.

Yeah, read some web hacking tutorials. We have a bunch of them here. This is what all / most hackers read, and they go after your site based on it...

Once you know what they are looking for, you can find a way around it. Maybe in another tutorial I will discuss securing your webapps.

Okay, those were the basics of what you need to know / do to keep your site secure. We will go more into it with webapp security. Comments and suggestions are welcome.

Source --=[ DarkMindZ || General Security ]=--
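The two checks from the post (is the config file still inside the web root, and which files could have been edited) run over SSH with standard `find`, as an added example that is not part of DarkMindZ's post. The function names, the backup-marker argument and the use of group/world-writable bits as the definition of "editable" are assumptions; if PHP runs as your own account, every file you own is editable by it.

```sh
#!/bin/sh
# Added example (not from the original post). Paths are supplied by the caller.

# Files another account or the web server process could modify:
# anything group- or world-writable under the given directory.
writable_files() {
    find "$1" -type f \( -perm -020 -o -perm -002 \) -print | sort
}

# Directories that are group- or world-writable: new files can be created
# there even when the existing files are read-only.
writable_dirs() {
    find "$1" -type d \( -perm -020 -o -perm -002 \) -print | sort
}

# Files modified more recently than a reference file, e.g. a marker whose
# mtime is the time of the last known-good backup (assumed to exist).
changed_since() {
    find "$1" -type f -newer "$2" -print | sort
}

# Exit status 0 if the config file's real location is inside the web root,
# i.e. it has not been moved up into the account's home directory.
config_in_webroot() {
    cfg_dir=$(cd "$(dirname "$1")" && pwd -P) || return 2
    web_dir=$(cd "$2" && pwd -P) || return 2
    case "$cfg_dir/" in
        "$web_dir"/*) return 0 ;;
        *) return 1 ;;
    esac
}

# Usage: sh audit.sh WEBROOT [BACKUP_MARKER] [CONFIG_FILE]
if [ "$#" -ge 1 ] && [ -d "$1" ]; then
    echo "== group/world-writable files =="; writable_files "$1"
    echo "== group/world-writable directories =="; writable_dirs "$1"
    if [ -n "${2:-}" ] && [ -e "$2" ]; then
        echo "== modified since $2 =="; changed_since "$1" "$2"
    fi
    if [ -n "${3:-}" ] && config_in_webroot "$3" "$1"; then
        echo "WARNING: $3 is inside the web root"
    fi
fi
```

Files reported by `changed_since` or `writable_files` are the ones to replace from backup or read through by hand.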