Web Security


Things which can protect your system from intruders  

    
  1.  Keep platform up-to-date:

It is one of best things that you can do to protect your website from intruders, you just have to make sure that installed platforms scripts are up-to-date. It is found that many of these tools are created as open-source software programs, so their code is easily available to black hat hackers. This code can be used for both in good intention by developers as well as bad intention by hackers. Developers will resolve the bugs and hackers will look for any security loopholes which will allow them to exploit the platform or any script.

For an example, if anyone is running a website on WordPress, then the WordPress installation and plugins which are installed may be potentially vulnerable to attacks. Just make sure that you are using the newest version of platform and scripts, which will help minimizing the risk.

     2.  Installation of security plugins:

Once your platform and scripts are up-to-date, you can go for installing security plugins to increase the security and prevent hacking. Following are the list of security plugins which are free.
a)  WordFence b)  BulletProof Security c)  Sucuri Security d)  iThemes Security (formerly Better WP Security) e)  Acunetix WP SecurityScan f)   All In One WP Security & Firewall g)  6Scan Security h)  Better WP Security
This plugins will address the weakness and threats which could be harmful for your website.

The other thing if your website is running on web content management system or HTML based pages, then should go for SiteLock. SiteLock closes the security loopholes by providing daily monitoring, detection of malware, vulnerability identification, virus scanning etc. SiteLock is worth considering if you have a high investment.  

3.  Setup your directory and file permission  
All the websites can be classified into files and folders which are on your web hosting account. With considering all the scripts and data you need to make your website work, all the files and folders have given a set permissions which control who can read, write and execute. On Linux based operating system, all the permissions are represented in 3 digit code where each digit is an integer between 0-7. The first digit is a representation of permissions which are assigned to an owner of a file, the second digit is a representation of permissions which are assigned to anyone in group who owns the file, and the third digit is representation of permissions which are assigned for everyone else. 

4 is for Read 
2 is for Write 
1 is for Execute
0 is for no permissions


A good rule of thumb is to set your permissions as follows: 
a.  Folders and Directories = 755
b.  Individual files = 644

To set file permissions, right click on your file and go to “File Permissions”. 

4.  Check if SFTP is available 
FTP is File transfer Protocol which is used for uploading files to your web hosting server or cPanel account. SFTP is secure file transfer protocol which is more secured as it has a secure layer of protection. This provide encryption of data and prevent files form modifying. 

5.  Firewall 
A good firewall should be there to prevent an unauthorized access to your web server. This will protect your cPanel hackers as this your first line of defense. 

6.  Install Anti-Virus 
As your web server is on Internet, and Internet is prone to virus infection therefore you must install antivirus in your Cpanel. The most popular anti-virus used for is cpanel is ClamAv. It will scans directories and email for malicious files and it is an open source application. 

7.  Install Rootkit Scanner 
It is a malicious program that can gain access to your web server without getting noticed. It cannot be detected by an anti-virus software. That’s why the reason the scanner must be installed to protect your system.

Comments

  1. Unknown12 November 2017 at 20:01

    Awesome work Rushabh Keep it up!!!!

    ReplyDelete
  2. Unknown12 November 2017 at 21:01

    Nice one rushabh.

    ReplyDelete
  3. Unknown12 November 2017 at 21:01

    Nice one rushabh.

    ReplyDelete
  4. Suraj Khochare12 November 2017 at 21:04

    Great one man !!!

    ReplyDelete
  5. Auspicious12 November 2017 at 21:13

    Keep up the good work. We will be looking up for more blogs to come.

    ReplyDelete
  6. AkshayA13 November 2017 at 03:52

    Nice blog yaar!!one place destination to get security info for your website.
    Keep writing👌

    ReplyDelete
  7. Unknown15 November 2017 at 21:35

    Good one.. Its really helpful! Keep writing..👍

    ReplyDelete
  8. Unknown5 April 2022 at 15:34

    Top 10 best slots casinos for 2021 - SOL.EU
    Best 1xbet 먹튀 Slots Casino: Best Real Money Slots Sites 2021 · Red Dog Casino: Best Overall worrione.com Slots 출장마사지 Casino For https://sol.edu.kg/ USA bsjeon Players · Ignition Casino: Best Casino For Roulette

    ReplyDelete

Post a Comment

Popular posts from this blog

Snort (Intrusion Detection System)

Snort is a rule based IDS. Snort works in three different modes which is as follows:     1) Sniffer Mode     2) Packet Logger Mode     3) Network Intrusion Detection Mode 1)       Sniffer Mode : Sniffer Mode allows you to dump data in the header and body of each packet to the screen when you are running Snort. To start the snort for displaying all application data, enter the command as follows: ./snort –d                     -> works in most of the version of snort ./snort –dv                  -> for getting an error message 2)       Packet Logger Mode : Packet Logger Mode is different from Sniffer mode because the packet data and headers are written to the hard drive of host on which the snort is running. For writing to the directory named log write the following command: ./snort –dev –l ./log For capturing the logging data on the local network, it is necessary to enter the ip address range of the network ./snort –dev –l ./log –h 192.1
Read more

Wireshark(Network Protocol Analyzer)

Wireshark and components – what does it do and how? Wireshark is a network monitoring tool which also called as network protocol analyzer or sniffer. It is free and open source tool. It is used for network trouble shooting and analysis. Wireshark is a cross platform based, it runs on many operating systems like Linux, MacOS, BSD, Solaris, Microsoft Windows etc. There is also a terminal version of wireshark which is called as TShark. Wireshark uses pcap to capture packets form the network. It is used for examining the details of traffic in the network. The information of the packet which is captured can give its transmit time, source ip address, destination ip address, protocol type, header data etc. So this information can be use in security and troubleshooting issues. The wireshark will display the information in three types of panels which are Packet list panel, Packet details panel, Packet byte panel. The packet list panel are the colored lines which are displayed at the top.
Read more