I'm a total newb to security... so just in general, if I have a site on a VPS server with just HTML files for the site, is there anything special I can do to protect against potential attackers? Or does it all lie in my web host and their security? Thanks.
My web development forum has an ethical hacking forum where you can find some good hackers who can test your site for vulnerabilities.
Piece of advice: stay away from free 3rd-party PHP scripts that are not updated after an exploit is discovered in them. Add yourself to some sort of newsgroup to be warned about vulnerabilities that are discovered in the programs you run on your server. Doesn't hurt to hire an administrator to run your server for you either. I'm for hire, BTW.
Just make sure you use common sense, chmod your files/pages appropriately, make sure security is up to date, patches, etc. I don't really like these, but you can of course put up a "hacker safe" thing, and then hackers will think they are wasting their time (they don't really help, but you can try).
Yes, .htaccess can do so much for you. Even when using a simple but powerful language such as HTML, there is security. I agree with the rest of the members, but don't purchase HackerSafe software. They clearly have no expertise in security, otherwise their clients wouldn't be aimlessly insecure at a rapid pace. They "market" your security. Secure your HTML forms if you have them. Make sure you sanitize input before it is displayed. Don't store "hidden" values and comments in your HTML source.
Since the pages are just HTML, yes, you have to rely on the security of the server itself. The most common exploits are in PHP/ASP, but since you have none, you are quite safe.
Typical security measures at system level include: firewall, patch management. Then there is application-level security, which is your web app. Since you are running on a VPS, I guess a lot of security issues are not directly under your control. In that case, you may want to check that the sys environment is up to date. Finally, it is always important to back up. Verify the backup is actually working. Practice your backup restore.