How are websites hacked to have their content defaced? How can I prevent such attacks on my website?
4th December 2012
My answer to How are websites hacked to have their content defaced? How can I prevent such attacks on my website? on Quora
There are countless ways in which a website could be defaced—way too many for a single Quora answer!
Here are a few off the top of my head:
- An unpatched operating system with vulnerabilities in system services (SSH daemons, web servers, other procceses). Defence is to make sure you keep your packages up to date and avoid running anything exotic that might not be actively maintained.
- XSS attacks. Make sure you have a deep understanding of what XSS is and how it works, and ideally use a template language that escapes output by default to help avoid the most obvious problems.
- SQL injection attacks. Make sure you use a library that paramaterises SQL queries and handles escaping correctly for you, NEVER append strings together to create a SQL statement.
- Sniffing your administrative username/password or even your authenticated cookie over an insecure WiFi network—make sure you only ever send those things over HTTPS.
- Brute force attacks on your administrative login screen—make sure you rate limit login attempts.
- Guessing your server’s SSH password (or your admin interface password)—use a one-time, random password stored securely in something like 1password and ideally don’t have SSH passwords at all, use SSH public-key authentication instead.
- Serving JavaScript on the page from another URL (e.g. an externally hosted JavaScript library or an advertising network) which gets compromised. It doesn’t matter how good your own site security is if you link to insecure JavaScript from a third party.
More recent articles
- My AI/LLM predictions for the next 1, 3 and 6 years, for Oxide and Friends - 10th January 2025
- Weeknotes: Starting 2025 a little slow - 4th January 2025
- I still don't think companies serve you ads based on spying through your microphone - 2nd January 2025