How can you prevent your website from being hacked?

Your website is being targeted by hackers daily! All websites are being targeted daily by countless hackers every day to steal important information present on these websites. This is a serious concern and now, there are many useful web security applications available to make your website secure along with other websites.

The following are some of the web security features that are most important for your website to be secured.

SSL (Secure Sockets Layer)

If your website intends on selling products or services, then this is the most important feature that should be included in your website. SSL provides the necessary security and privacy in web oriented communication systems. The two basic features of SSL are:

1.) SSL keeps check on every message that is exchanged over the internet. SSL also creates a secured network between the computers. Secure Shell Host (SSH) is another encryption server service that has been integrated by some web hosts for the web security purpose. This prevents the necessity for additional installation of security softwares. This may also reduce the requirement of additional installation of security protocols.

“Optional session caching” is one of the important features of SSL which optimizes all network connections or activities. This secures and optimizes the communication processes.

2.) SSL protocol keeps absolute privacy during web-oriented communications by using the symmetric cryptography. Web-oriented communications may include monetary transaction between two participating sites as well.

FTP (File Transfer Protocol)

Using File Transfer Protocol (FTP) is used to transfer the text data, audios, videos, other multimedia files, or graphics to the web server from your personal computer or web server. Web servers which make use of this File Transfer Protocol are usually secured, as this feature allows the users to securely transfer the files from one server to another.  This allows users to create specific FTP accounts. User names and passwords can be assigned to each of the FTP accounts. This makes sure that only the owner of the FTP account can transfer the files over that particular FTP account.

SFTP (Secured File Transfer Protocol)

The Secure File Transfer Protocol (SFTP), FTP, and SSH are provided by some web hosts for additional web security to protect the web content on the websites hosted on their web servers. Using these features, you can effectively prevent web hackers from hacking your website.

SSH (Secure Shell Host)

Secure Shell Host (SSH) is perhaps the most expert security feature used to look after the web communication methods. There are encrypted channels present through which users can access different computers over the Internet and carry out certain specific commands from a distant place. SSH protects the transfer process of digital content between computers connected through the internet. This process also prevents hackers from stealing your valuable data.

Preventing Spam

Though spamming does not directly affect your website, it can affect your business gradually over a period of time. Usually, the free web host servers are the ones which get affected by this spamming. Spam messages usually carry harmful virus, spy-wares, and other kind of harmful applications with them which can harm your computer or infect your website’s important files. It also affects the bandwidth and the disk space of your web hosting server. So, there should be an anti-spam program or tool installed in your website to prevent spam and, in turn, make your website very secured.

Protecting The Hot Links

Protecting the hot links on the site is one of the most important features that you need. Hot linking occurs when another website shows the images or hyper-links, present on your website, on their website. This acts as a theft of your data. So, it is important to protect your content from such stealing acts. It also affects the bandwidth and the disk space of your website. So, to protect your website, you need to take care of the hot linking by having special preventive web tools to save your website from the thefts.

DDOS Prevention

Denial of Service (DOS) and Distributed Denial of Service (DDOS) attacks are some of the oldest known threats targeting the operating systems. This is still a very difficult problem with no known effective solutions. They slow down the web servers. This slowing down affects all the websites present on that particular web server. The anti-DDOS software is now available and is included in the firewall and router. All these important security features are now being implemented by most of the web hosts in their web servers effectively.

Load Balanced Dedicated Servers

One server responding to all the incoming HTTP requests for a website might not able to handle all the incoming traffic of a website. This would become more difficult if the website becomes more popular. As a result pages will load slowly and users will have to wait for a long time to view web pages. Due to increase in traffic and connections to website there will be need to upgrade the server and it would be no more cost effective.

To improve the server scalability, more servers are needed to add more scalability and distribute load among the servers which is also called as clustering and load distribution among these servers is called as Load balancing. Load balancing applies to all types of servers including application and database servers.

Load Balancing Mechanism

The load balancing mechanism used for spreading HTTP requests is known as IP Spraying. HTTP traffic needs to be evenly distributed when there are multiple servers in the group. It acts as one server to clients for example an internet browser. “Load dispatcher” and “network dispatcher” are the equipments used for IP spraying. You can simply call them as “Load Balancer”.IP Sprayer redirects HTTP requests to a server in a server cluster. It all depend on the type of IP sprayer involved so that the architecture can provide more scalability, load balancing and overcome all the fail-over requirements.

You can have a look at Load Balanced Servers offered by eUKhost.com for a complete load balancing solution.

In this age of malicious programs, there are many different threats which are able to compromise the security of either your VPS or dedicated server, which could leave the information that you host within your dedicated environment open to abuse; this means that you should always take pride in the security of your VPS or dedicated server which means that you should maximize the security of your dedicated environment. One such threat which is common within the Linux world and is able to effect the security of your Linux based VPS or dedicated server are rootkits.

Although it is widely though that root kits are a type of security threat which is specific to Linux based servers only, they are also able to affect the performance of Windows based VPS and dedicated servers. The main aim of rootkits is to enter the target machine via a hole which has been found in either a website or other application which is hosted on the machine or via a database without detection by any type of anti-virus software, and some are created to resist removal and are normally create with one malicious intention.

Rootkits go undetected since most hide themselves within the kernel of a Linux server, which means that they are run as the ‘root’ or administrator user which means that they are able to run without being detected by the administrator or owner of the affected server, and that they are able to run without question by the operating system that is installed on the VPS or dedicated server that has been invaded. You can prevent rootkits from invading your VPS or dedicated server by ensuring that your server is as secure as possible, which means that you should have anti-virus and rootkit hunting software installed to try and prevent your server from being affected by malicious programs. Most malicious attackers use rootkits to install certain programs on your VPS or dedicated server so that they can use it for their own purposes; for example a hacker might install a rootkit on your dedicated server so that they can run their illegal IRC channel which might be used for discussing illegal activities, this in itself might land you in trouble - it is for this reason that you should try and keep your VPS or dedicated server as secure as possible.

One of the most important things to consider with rootkits is that once a rootkit has installed itself on your VPS or dedicated server, you will be unable to remove it since it will be embedded within the kernel or root of the operating system that you have installed on your VPS or dedicated server; in order to be able to utilize your VPS or dedicated server, you will have to reinstall the operating system that your VPS or dedicated server uses.

cPanel and Plesk are two examples of web hosting control panels utilized by many hosting providers. Currently cPanel is only available for use on Linux operating systems, but this is set to change from 2008 when cPanel releases it’s cPanel/WHM 2008 Suite for Windows 2008; Plesk has been available for both Windows and Linux for a while now.

cPanel

cPanel is seen by many as the preferred control panel for Linux operating systems because of its quick loading times which is main due to the fact that the system is based mainly on Perl scripts meaning that it requires little to no database access at most times. cPanel also has greater capabilities than those which Plesk contains, these being that cPanel gives more server side information to the end user which they may need to use at times which can be mission critical in some cases; cPanel is also able to sort add-ons, examples of these include ‘Fantastico’ and ‘RVSkins’ - this add-on functionality also allows developers to build their own custom functions and programs for use within cPanel.

cPanel provides better reseller hosting than Plesk does. This is because cPanel has a specially created control panel included with it called WebHost Manager (WHM for short) which has been designed specifically for the purpose of reselling web hosting services. Plesk is only one control panel and makes setting up reseller account remarkably hard.

cPanel has also made migrating your hosting account to another cPanel hosting provider easy by intergrating a site migration module. This allows people to transfer all their sites and settings without loosing any data. This is something which makes cPanel stand out from the rest as it is something most control panels lack.

Plesk

Plesk is a cross platform control panel which is available in versions for both Windows and Linux. It is seen as the preferred control panel in the Windows hosting industry because its closest rival, HostingController, is remarkably unreliable and has helped give Plesk a big boost in the control panel industry. Plesk is a relatively closed operating system meaning that isn’t open for developers to create their own add-ons, however, it does have intergration for many other programs in different fields such as the ability to allow customers to use SmarterMail in the Windows version of Plesk.

Being a cross platform control panel, Plesk has the advantage over cPanel meaning that companies can run the same control panel on both panels meaning that minimum training is required for technicians as they only have to work out the operations of one control panel - this can save a business both time and money. However, on the security side of things Plesk for Windows doesn’t fair as well as it’s Linux counterpart or competitor do; there have been several holes found within the Plesk software allowing hackers to take control of a Windows server through the Plesk control panel, and the hacker can still gain access a second time after the administrator password on the server has been changed.

Conclusion

If you are after one control panel that suites all then go with Plesk - it can save you both time and money as a business and what you learn can be applied to both systems. However, if you prefer to go with the market leader and are willing to spend some time studying both options (cPanel for Linux, Plesk for Windows) then fo with cPanel as you will be able to customize it more to suite the environment in which you want your customers to control their websites.

Find PID of process
$ps aux | grep
Find out current working directory of the process 1213
$pwdx 1213 >> Output : 1213: /tmp/.abc

This seems to be someone try to hide process directory. You can then try to find out using..
$ls -l /proc/1213/cwd

Output :
lrwxrwxrwx 1 root root 0 Nov 20 04:35 /proc/1213/cwd -> /var/spool/mqueue

Hosting accounts has an access to a shared secure server. Its not really a separate server but the web pages are displayed through an encrypted connection. Every page on a website can be called through this secured server.

You can access the web pages through the secure server using following path:-

Replace “servername” with the name of the server on which your domain is hosted. Replace “yourdomain” with your domain name without the TLD extension, and replace “filename.html” or “scriptname.cgi” with the name of the file you want to call through the secure server.

https://servername.safe-order.net/yourdomain/filename.html

Use this path to access scripts located in CGI-BIN-

https://servername.safe-order.net/cgi-yourdomainscriptname.cgi

Note: Always use “https” instead of the usual “http”. Secure calls require the use of the “https”.