Thread: Prevent defacement of website

  1. #1

    Thread Starter
    Software Carpenter dee-u's Avatar
    Join Date
    Feb 2005
    Location
    Pinas
    Posts
    11,123

    Question Prevent defacement of website

    I am the administrator of our website but we are not the host, and last week our site was defaced. Could we "admins" resort to something to prevent such defacement?
    Regards,


    As a gesture of gratitude please consider rating helpful posts. c",)

    Some stuffs: Mouse Hotkey | Compress file using SQL Server! | WPF - Rounded Combobox | WPF - Notify Icon and Balloon | NetVerser - a WPF chatting system

  2. #2
    PowerPoster PlausiblyDamp's Avatar
    Join Date
    Dec 2016
    Location
    Pontypool, Wales
    Posts
    2,458

    Re: Prevent defacement of website

    Without knowing how the defacement took place and who did it there isn't a lot to go on...

    From an admin point of view you should be making sure the server is properly secured, e.g. no write access to the server (unless specific folders require it), disabling extensions that could allow changes to be made remotely (FTP, WebDAV, FrontPage, etc.) or at the very least properly securing them, and no direct access to databases that are serving up content.

    If the server itself is properly locked down then this could be more of a developer issue; if the site is open to any of the common exploits, script injections, XSS, or isn't properly validating security then there isn't a lot that can be done from a pure admin point of view other than hoping you have suitable auditing in place and can at least identify the problem areas.

    As an admin do you have any details regarding how the defacement took place?

  3. #3
    PowerPoster kfcSmitty's Avatar
    Join Date
    May 2005
    Posts
    2,248

    Re: Prevent defacement of website

    If you're running a CMS or some other out-of-the-box software, make sure you're on the latest version and check the exploit db (https://www.exploit-db.com/) to see if you have any major vulnerabilities.

    You could also run a Metasploit scan against your server and it should give you some decent information on what the culprit may be.

    Really there isn't much to tell you unless we know specifics about what version of webserver you're using (IIS, Apache, Nginx, etc.), the software loaded onto it, what ports are open, etc.

  4. #4

    Thread Starter
    Software Carpenter dee-u's Avatar
    Join Date
    Feb 2005
    Location
    Pinas
    Posts
    11,123

    Re: Prevent defacement of website

    As I've stated in my first post, we are not the host of our website hence we are at their mercy. The host reported that the cause of the defacement was "file injections".

    The activities also led to file injections that allowed the hacker to modify defaced files.
    Given that I am only allowed to access the control panel to edit the files, is there something that I could do to at least prevent such defacement in the future?

    Are there any good "free" website vulnerability scanners out there?
    Regards,



  5. #5
    MS SQL Powerposter szlamany's Avatar
    Join Date
    Mar 2004
    Location
    Connecticut
    Posts
    18,263

    Re: Prevent defacement of website

    I have a hard time believing that a file injection infected a web server.

    One of my clients recently got that virus that changes files to images and starts encrypting your system. It was brought in-house by someone sitting in the police dispatch center late at night as they were browsing around the internet. They downloaded something that then started to execute. Since the network was so tied down only two shares actually got infected - so the cleanup was easy.

    If someone uploads a file using your web page to your web server nothing executes code in that file - right?

    Your hosting company brought this virus in-house themselves, imo.

    *** Read the sticky in the DB forum about how to get your question answered quickly!! ***

    Please remember to rate posts! Rate any post you find helpful - even in old threads! Use the link to the left - "Rate this Post".

    Some Informative Links:
    [ SQL Rules to Live By ] [ Reserved SQL keywords ] [ When to use INDEX HINTS! ] [ Passing Multi-item Parameters to STORED PROCEDURES ]
    [ Solution to non-domain Windows Authentication ] [ Crazy things we do to shrink log files ] [ SQL 2005 Features ] [ Loading Pictures from DB ]

    MS MVP 2006, 2007, 2008

  6. #6
    PowerPoster
    Join Date
    Feb 2006
    Posts
    24,482

    Re: Prevent defacement of website

    Look at http://phpsecurity.readthedocs.io/en...n-Attacks.html

    A defacement exploit is nothing like a virus.
