Monday, January 19, 2009

Protecting your web application from hackers

1. Always create a login. A huge number of new clients arrive with existing sites whose entire back end does not even have a login. That is simply asking for trouble, and it shows the lack of knowledge the previous developer had.
2. Try to avoid using Internet Explorer. Internet Explorer is vulnerable to some hacking tools such as spyware, and to other security issues, which make it a constant security threat. Install “Firefox” or any other alternative web browser when using the web application or when training your clients on your new web application.
3. Do not forget to update your open source applications. If you maintain any web sites, check regularly for updates to their web applications and install them on the site.
4. Always encrypt your web application's traffic with SSL so that no one can sniff the data you are transmitting back and forth. Sniffing is another way by which hackers can easily capture usernames and passwords and get full access to your application.
5. Change your password after 1 or 2 weeks. This is typically done as a defence against hackers who manage to steal passwords.
6. Always use strong passwords. Avoid using your last name, your first name or a simple word as the password for logging into your system. A good password is one which does not make any sense and is hard to remember. Use a combination of upper and lower case letters, digits, and punctuation to help protect against dictionary attacks.
7. If you have installed a common open source application like “MediaWiki”, “Movable Type”, “WordPress” or “phpMyAdmin”, it is normally installed at a default location such as “wp”, “admin”, “phpMyAdmin”, or another well-known folder, which gives hackers a good guess at where your login screen is. Because these applications are open source, hackers can easily find old security lapses in the code and then exploit them if you have not yet upgraded your system. If you are going to install one of these applications, install it to a unique directory that is different from the default location. You will be safer from most hacking attempts.
8. Another threat is “SQL injection attacks”, which can grant a hacker direct access to your whole web application. To avoid SQL injection attacks, in a nutshell, make sure you are escaping variable data before running the SQL scripts that return login information for your system.
9. Avoid linking to the open source software you use. Use a search engine to find web sites that link to WordPress and you will find thousands of blogs which link back to WordPress because they use the popular blogging software. In this case the hacker has a list of potential WordPress blogs to exploit. Do not link back to the software you are using. It will help keep your site from becoming a potential hacking victim.
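
For the SQL injection tip (item 8), an added example that is not part of the original post, in Python with the standard sqlite3 module: the same login lookup built by plain string concatenation, with the quote escaping the tip describes, and with a bound parameter, which goes beyond the tip. The table, the account and the function names are assumptions made for the illustration.

```python
import sqlite3

# Constructed test input: a "username" containing a quote and SQL text.
HOSTILE = "x' OR '1'='1"

def make_db():
    # Constructed sample data: one account in an in-memory database.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY, pw_hash TEXT)")
    db.execute("INSERT INTO users VALUES ('alice', 'constructed-hash')")
    return db

def lookup_concatenated(db, username):
    # Weak form: the variable is pasted into the SQL text, so a quote in the
    # input closes the string literal and the remainder is parsed as SQL.
    sql = "SELECT username FROM users WHERE username = '" + username + "'"
    return db.execute(sql).fetchall()

def escape_literal(value):
    # SQLite escapes a single quote inside a string literal by doubling it.
    # Other databases have their own rules (assumption: SQLite is used here).
    return value.replace("'", "''")

def lookup_escaped(db, username):
    # Escaped form: the input stays inside the string literal.
    sql = ("SELECT username FROM users WHERE username = '"
           + escape_literal(username) + "'")
    return db.execute(sql).fetchall()

def lookup_parameterized(db, username):
    # Bound parameter: the value travels separately from the SQL text and is
    # never parsed as SQL, so no escaping rule has to be remembered.
    sql = "SELECT username FROM users WHERE username = ?"
    return db.execute(sql, (username,)).fetchall()

def compare(username):
    # Run the same lookup three ways against a fresh sample database.
    db = make_db()
    return {
        "concatenated": lookup_concatenated(db, username),
        "escaped": lookup_escaped(db, username),
        "parameterized": lookup_parameterized(db, username),
    }

if __name__ == "__main__":
    for name in ("alice", HOSTILE):
        print(repr(name), compare(name))
```

With the constructed hostile input, only the concatenated lookup returns the stored account; the escaped and parameterized lookups return no rows.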
