How are websites hacked to have their content defaced? How can I prevent such attacks on my website?
There are countless ways in which a website could be defaced—way too many for a single Quora answer!
Here are a few off the top of my head:
- An unpatched operating system with vulnerabilities in system services (SSH daemons, web servers, other procceses). Defence is to make sure you keep your packages up to date and avoid running anything exotic that might not be actively maintained.
- XSS attacks. Make sure you have a deep understanding of what XSS is and how it works, and ideally use a template language that escapes output by default to help avoid the most obvious problems.
- SQL injection attacks. Make sure you use a library that paramaterises SQL queries and handles escaping correctly for you, NEVER append strings together to create a SQL statement.
- Sniffing your administrative username/password or even your authenticated cookie over an insecure WiFi network—make sure you only ever send those things over HTTPS.
- Brute force attacks on your administrative login screen—make sure you rate limit login attempts.
- Guessing your server’s SSH password (or your admin interface password)—use a one-time, random password stored securely in something like 1password and ideally don’t have SSH passwords at all, use SSH public-key authentication instead.