How to protect your site from hacking?
Protection of a site from breaking - an urgent task for many site ownersin our time. Thanks to the huge amount of "Hacking for Dummies" benefits, even those Internet users who previously did not have a case before your site will suddenly want to try their hand and boast of freshly acquired knowledge. What to do to protect your site from hacking?
First, we list the non-programmatic methods of protecting the site from hacking. Surely, you've often heard of them, but perhaps you did not pay attention.
Method 1. Choose complex passwords. Practice shows that even the most nimble programs for selecting a password with a simple search will cope with a password of eight characters in less than a year. The fact is that the combinations of the eight-digit number exist 2x1012, and combinations of eight unknown cracker characters - even more.
Method 2. Do not give access to administrativesite panel unchecked people. Otherwise, do not be surprised why the site is hacked. Also, you should not give the right to add HTML-code to everyone, because unscrupulous users can add malicious code to the site.
Method 3. Use the antivirus with fresh bases. As they say, God cares.
Method 4. Do not store passwords in FTP clients. The file containing the password, even if it is encrypted, is a good hacker to steal - just spit.
Method 5. To store passwords better, usespecial password managers, if you do not rely on your memory. Password Manager is a special program that allows you to store and organize passwords in an encrypted file. To access the password manager, you need a separate password - a key. By the way, remembering one password is much easier than dozens of different ones, is not it?
Method 6. Do not visit questionable links. No comments.
However, it is not always hacked by the sitecarelessness or inattention of the site owner. Sometimes the vulnerability of the site lies in its source code, which professional hackers will quickly find out. If your site is built on the basis of one of the content management systems (CMS), then know that the developers of these systems have already taken care of your security and included in the source code the necessary elements of protection.
If you use ready-made scripts on your site, then always remember that they can be vulnerable. After all, many scripts are written with the participation of several specialists in web programming, and this increases the probability of errors that hackers can use for their attacks in the future. Therefore, it is not superfluous to learn the opinion of the script on specialized forums, for example, antichat.ru. A good indicator of the reliability of the finished script will also be its availability and long work on many other sites.
If you write scripts yourself, then be sure to pay due attention to themsecurity. For example, in scripts that work with sending and receiving data from forms (concerns both the POST method and the GET method), always filter the user input. If this is not done, then the hacker can send a malicious code through javascript. Thus, the hacker can access your cookies or make the page unworkable. Such an attack is called XSS.
Especially carefully you should check the script,which interacts with the database based on user data. If a hacker gets the opportunity to upload to the server with your site some files, then he can do with it whatever he wants.
Unfortunately, when it comes to DDoS attacks, there are no invulnerable sites. DDoS-attack lies in the fact that simultaneously with a large number of computers on your site begins to receive a huge number of requests. The server can not service such a large number of requests and the site stops working. In addition, if the script is very cumbersome, then "suspend" the site can not even be very large number of requests.
Based on the materials of the site webstudio2u.net
