Guest Post: General Security Recommendations for Webmasters
This is a guest post written by Oleksandr Nadtoka, Linux expert (see his bio below).
It is not a secret that most hacker attacks are usually done through website software vulnerabilities. Things like blogs, forums, CMS, or any other PHP-based application are open to hacks.
Hosting providers cannot keep these types of software secure, since they are not software developers. That’s why it’s up to you, webmasters, to make sure that the software you use is safe. Here are some ways to accomplish that task.
Guest Post: Stay On Top of Updates
First, it is strongly recommended that you review everything you have in a website folder, and try to determine the best way to protect your applications.
For example: if you have Joomla, WordPress, OsCommerce, or any other widely-used software installed, make sure to check vendor sites regularly for recent updates and security fixes. Make sure that all plugins and themes are updated to include the latest versions as well.
See something strange? This could be due to phishing or scam content. Often, this type of content is used to solicit credit card information, send spam, or upload vulnerability scripts (amongst other things!).
Guest Post: Review Everything
Second, it’s a good idea to review your files regularly. Check out the latest changes that a file has gone through. Malware code can be easily inserted into pages when you’re not looking.
Do you have a Linux server with SSH access? Here’s what to do:
- go to your web folder and run below command to generate a sorted list of any files that were recently changed – root@server~]# find . -type f -exec stat –format ‘%Z :%z %n' {} ; | sort -nr | cut -d: -f2- | less
- make sure that you do not have any open files or folders with write permissions set at “all.” Any folder that has “full granted permissions 777” selected is open to anyone. Recommended permissions are 755 for folders and 644 for files (except PERL and CGI files that require execute permissions).
Find all 777 permissions in your current directory and change those to secure permissions, so that you see these two SSH commands:
- [root@server~]# find . -type f -perm 0777 -exec chmod 644 {} ;
- [root@server~]# find . -type d -perm 0777 -exec chmod 755 {} ;
Some web applications require 777 permissions for php, but – and this is important – this is only for PHP handler that runs as Apache mode. PHP that runs through CGI or FastCGI handlers are run as site owner instead of Apache user. This ensures that if one domain is hacked, the others will not be impacted.
Guest Post: Look For Patterns
One way to look for patterns is to use GREP command to surf through all of your files, and fine the ones that dangerous PHP functions (dl, exec, passthru, shell_exec, system, and others).
Use this command to find those files:
- grep -r –E ‘dl|exec|passthru|shell_exec|system|proc_open|popen|curl_multi_exec|parse_ini_file|show_source’
Guest Post: Create Strong Passwords
Using the site strongpasswordgenerator.com as an example of secure passwords, create FTP and account passwords that are incredibly difficult to hack. Some widespread Trojans include functions that can steal FTP passwords from a user’s local computer and send these passwords to hackers (or special bots).
In order to make sure that these Trojans are not present, it is vital to scan your/your client’s computer for viruses (using in-depth scanning).
AUTHOR BIO : Oleksandr is a Linux system administrator and security officer based in the Ukraine. In addition to being a go-to source for all things Linux and security-based, Alex spends his time snapping photos, kickboxing, and hanging out with his five cats. He also enjoys working with startups and helping tech startups grow into blooming businesses.
