Introduction:
All most every website on the internet has a risk of getting Hacked .The growing generation of new Hackers are able to exploit almost every digital device from mobile to a calculator! , so websites are easy for them to Hack and compromise. Every year people pay thousands and thousands of rupees just to protect their
websites from not getting hacked. Cyber security is a major concern now a days for everyone from a business man to a government employee or even the common man. Imagine a situation in which you are a business man who has a database of information about your clients and your site has been hacked. What will you do? All your clients will be angry with you because of their privacy disclosure and your business will go down.
But if you will protect your website then this situation will never come in your life.
Protecting your website:
Old version of web server:
One of the most common mistakes that people make is that they just use old versions of web server. This is actually a very big vulnerability as any attacker can easily exploit the loophole in that web server and get inside your server.Invalid or expired SSL certification:
If a website has a login page then a valid SSL certification should be installed into the server not an invalid SSL certification. The SSL server encrypts the traffic.For example this is an example of an expired or an invalid SSL certification:The SSL certificate (
serial: 00f716cc219f44c663
) is expired.The cerificate valability period is:
Thu Jan 22 19:52:15 UTC+0530 2009 to Fri Jan 22 19:52:15 UTC+0530 2010
In this situation the attacker can easily install a sniffer and start sniffing all the data that is being passed to the server.Server Vulnerable to XSS:
XSS or cross site scripting is the process in which the attacker hacks the website by injecting some javascript into the website. www.In.com vulnerable to XSS XSS is a very common method and even FBI and CIA are vulnerable to it.This attack can be easily prevented easily by filtering all the special characters (#, <,” ,/,…etc) from being inputted into the search field and also filtering them into the commenting fields.
Server Vulnerable to SQL injection:
SQL injection is also as common as XSS but the only thing is that here the attacker tries to input SQL commands into the server and get into the database or log into the admin page without proper username and password.
This attack can also be prevented by filtering all the special characters from being inputted into any input field.
Default Password and usernames:
Some administrators are so dumb that they forget to remove default passwords from the script of the login page, this means that anyone can login into the admin panel of the site with the username as “root” or “admin” and password as “root” or “admin” too. This vulnerability can be patched up by removing this feature from the script.Unrestricted applications:
Here in this vulnerability the site has a editor which can be used to upload files to the server for example the url can bewww.site.com/backhend_of_site/fck/editor/fckeditor.html
This will show up the following:And here I can upload anything without the admin privileges. To protect you self from these kind of attacks always use validated softwares.
Admin page access:
Some people just don’t change the admin page location, for example people have admin page at www.site.com/admin. This is a vulnerability because if we have got access to admin page then we can try out SQL injections on the admin page. So always change the admin page to something like:
www.site.com/abc
Robots.txt:
Robots.txt file tells us about what features the site has allowed and disallowed so one can get a list of possible directories in a server like:User-agent: *
Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
We can prevent this by adding less directories to the robots.txt file and password protecting all the directories which come inside this file.Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
Test.php:
This file contains all the configuration of the php server running on the server so one should block it.For example the URL can be: http://site.com/test.php. We can protect from this kind of attacks by removing this file.Conclusion:
We have come to the end of this article. These were the some of the methods.
Further Reading:
https://www.owasp.org/index.php/OWASP_Guide_Project
http://www.securecomputing.com/SecureIFV/index.cfm?tabs=w,m,f,s,sf,sg
Regards,
Hardeep Singh
(www.facebook.com/h4rdeep)
Post a Comment Blogger Facebook