How hackers Hack your website and how to Prevent
Hello to dear readers, Today I will teach you how to hackers hack your website and how to prevent from it and secure our site,
First of all learn how hackers hack your website and and get access.
All protection methods are my own so you can ask about it from me in comments.
1.There are lots of methods that hackers used to exploit and hack your website, First and very well known attack is SQL Injection. This is caused by display of
Queries which are injected through web URL and result displayed will show Site database informations like admin user-name and passwords, many big sites are
vulnerable to this attack it is very common method of getting site password and database, sometime mod_security also unable to prevent this attack.
2. Second method is remote file inclusion RFI and LFI Local file inclusion,in these both methods, hackers executes their millicus shell code remotely after executing
code hacker get full access to your web server, can delete your files and folders or modified, hackers after hacking your site can install back doors,
back-doors are piece of codes by which hackers can access again your website after the web is recovered from hackers, this back-doors are also invisible
and not easily detectable and deletable
3. Third method is symmilink bypass, it is method in which hackers hack website running on same server. for example: site a b c d are running on same shared
server and site b is attacked by hacker and hacker get accessed, now by using special design exploit, hacker pass through separation layer and get accessed
to all other a c d sites. this phenomenon is explained by picture in below figure:
cure so do not worry if you are web master and want to protect yourself from attack you should follow protection methods given by me or you should also
use your common sense to make your own methods.
methods: 1st login to your site admin login panel and in tools se below mentioned tool:
then next see in screen shot and write your admin directory, and chose unique password which like your phone number
now press enter now you are done, if hacker successful to get your admin login password then he/She can not open your admin directory to login
directory password is stored in your hosting so hacker cannot access it. now you are protected from SQL Injection hack...
Protection from LFI/RFI Attack is prevented by installing auto shell remover web softwares which are open source and available on INTERNET just install
them in your hosting and get protected.
Symmilink bypass can be avoided by devolving your site on private server hosting like VPS.
This was my tutorial if anyone has confusion can freely ask in comments or contact me on skype, my ID is given above in contact tab.