2 days a go, my website is been hack by hacker who remove my index file n replace with thier file ( Jamicyn, Im Not a Jamaica )like that... can somebody tell my how do i know the ip of the hacker? i want to block the ip address.. and how do i protect my website? by the way, im using CPanel and my web use Joomla... thanks..
ha ha...he hacked one of my sites a few weeks ago. There's nothing you can achieve by blocking the IP...he can always bypass that. Use latest versions of scripts and harden security of your server.
thank for advice.. i just past by with some website that list the website that been hack with the same hacker... there about thousands of website in one day.. hhmm.. i bet he use some script and automated it...
IPs can be bypassed by proxies. See DP, full of them...lol You might want to consider disabling POST method from all other domains except your ones and 127.0.0.1 and localhost...
Keep your scripts up to date, install mod_security with a middle aggressive ruleset, disable dangerous php functions such as: exec, system, passthru, readfile, shell_exec, escapeshellarg, escapeshellcmd, proc_close, proc_open, ini_alter,dl, popen, parse_ini_file, show_source, curl_exec. In order to do this: 1) Edit /usr/local/lib/php.ini or /etc/php.ini depending on your php installation 2) Look for the variable called "disable_functions" and add all those I mentioned above. You can also change "safe_mode" to On and recompile apache with suexec and phpsuexec (if you are using cPanel you can do it with easyapache). 3) Save your changes and restart apache Good luck