1

Our website server has frequently gotten hacked recently. How can I protect it?

Hooligan

4 Answers

8
  • Get a competent admin. Hired, that is.

  • Fire your incompetent developers and hire competent ones.

TomTom
4

Pay someone to do it for you.

Chopper3
4

What kind of server is it? (Windows/Unix?) Is it remotely hosted? What applications is it running? Are you using stupid passwords? Are you using a firewall?

Nowhere near enough information to even begin to help you!

JamesK
0

Three suggestions I can give:

  1. Use non-standard ports whenever possible. Make ssh use port 3456 and remote desktop use 4567, for instance.
  2. Use long passwords.
  3. Have a program listening on a standard port such as port 80 or port 21. When somebody connects to that port, record the IP address and ban them from the entire server.

Here's an example of a Raspberry Pi PHP web page listening on port 80 and banning anybody that connects to it using iptables:

To run iptables from PHP, add the following to /etc/sudoers:

www-data ALL=(ALL) NOPASSWD: /sbin/iptables

<?php
// Get the IP address of the client.
$remote_addr = $_SERVER['REMOTE_ADDR'];
// Ban them.
if (is_ip($remote_addr)) {
    ban_ip($remote_addr);
    // Save the banned IP address.
    $logfile = '/run/shm/banned.txt';
    file_put_contents($logfile, $remote_addr . "\n", FILE_APPEND | LOCK_EX);
}
// Returns true if $ip is a valid IPv4 address (iptables only handles IPv4;
// an IPv6 address would need ip6tables).
function is_ip($ip)
{
    return filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false;
}
// Bans an IP address by appending a DROP rule to the INPUT chain.
function ban_ip($ip)
{
    // escapeshellarg() keeps the address a single, literal shell argument.
    $cmd = 'sudo /sbin/iptables -A INPUT -s ' . escapeshellarg($ip) . ' -j DROP';
    exec($cmd);
}
?>
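
The sudoers line in the answer above lets www-data run any iptables command as root, and the page bans every address that connects, including an administrator's own. As an added example (not the answer author's code), this wrapper narrows both: sudoers grants only the script, which validates the address, skips an allowlist, and avoids duplicate rules. The script path /usr/local/sbin/ban-ip and the allowlist addresses are assumptions.

```shell
#!/bin/sh
# Added example: hypothetical wrapper, installed as /usr/local/sbin/ban-ip (assumed path).
# sudoers then grants only this script instead of all of iptables:
#   www-data ALL=(root) NOPASSWD: /usr/local/sbin/ban-ip
IPTABLES=/sbin/iptables
# Constructed allowlist: loopback plus a placeholder admin address (192.0.2.10).
ALLOWLIST="127.0.0.1 192.0.2.10"

# Succeeds only for a dotted-quad IPv4 address with each octet in 0..255.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Succeeds if the address must never be banned.
is_allowlisted() {
    for safe in $ALLOWLIST; do
        [ "$1" = "$safe" ] && return 0
    done
    return 1
}

# Exit status: 0 banned or already banned, 2 invalid input, 3 allowlisted.
ban_ip() {
    valid_ipv4 "$1" || { echo "rejected: not an IPv4 address" >&2; return 2; }
    is_allowlisted "$1" && { echo "skipped: allowlisted address" >&2; return 3; }
    # -C tests for an existing rule so repeat visits do not append duplicates.
    "$IPTABLES" -C INPUT -s "$1" -j DROP 2>/dev/null && return 0
    "$IPTABLES" -A INPUT -s "$1" -j DROP
}

# Run only when called with an argument, e.g. from PHP: sudo /usr/local/sbin/ban-ip <addr>
if [ "$#" -eq 1 ]; then
    ban_ip "$1"
    exit $?
fi
```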