Web sites are an important part of our lives now. We contact them through the website, the financial education to do the daily work of all types. Because of widespread financial transactions that now is an excellent target for criminals. It has spread the use of the website, so be careful. However, since only the user and the general public does not have enough technical skills. Developers will be able to develop the website in such a way that websites that are easy for hackers or hacking of the website and the users can not be any harm. This article was developed in the web design or for those who create their own website, some general information is given for those securities.
Security issues 1: Easter egg enabled in your hosting PHP? If the quick stop.
Solution:The Easter egg, the programming language has been developed through the web site, link to it in the form of the extension. Easter Egg is enabled by default in PHP. The hacker knows what the result of any website has been developed with the language. So you need to disable it.
Security Issues 2: PHP Settings’ Global Register on the script does not work if you do not, the script gives out.
Solution: Global register, leaving a strong mechanism for hackers to hand over.
Security Issues 3: Anonymous FTP user account has been opened without the need?
Solution: Anonymous FTP user account if you do not need to stop now. If you need more than one account at the main site to the host.
Security Issues 4: PHP Info file (PHP info ()) to the server has been up to?
Solution: Delete the file now, or a hacker would know details of your hosting server.
Security issues 5: What is the latest version of Apache?
Solution: Install the latest version of Apache. Daniel will able to do many types of attack may either another Base.
Security problem 6: your site has SSL certificate? What version of the Open SSL?
Solution: Install the latest Open SSL. At least version 1. Daniel can attack or the victim.
Safety Issues 7: Directory (UNIX) or folder (Windows) or file access permissions to the public ‘Writ’ have been?
Solution: First of all, if you have permission to write, but stop it. If you would like 0755 to 0777 UNIX directory. 0644 to file the day, if the CGI script is and is executable by 0666 the needs of the day. The usual CGI-BIN / CGI-SYS / SCGI-BIN etc. directory executable scripts (Perl, Python) is run. Check permissions to the Windows user group settings and reset if necessary. If you are not sure of your site, one after another file folder file / folder to check. If the file permissions with FTP client will log in.
Safety Issues 8: File browsing is the problem? The image on your website, CSS (assets, resources and folders) can be seen in the form of visits, the list of all the files?
Solution: Blank index files to upload, so do not appear in the list example.com/images/ visits the file. You can. restricted .htaccess can also access the folder.
Security issues 9: What is the safe setting of cookies in your script?
Solution: Sideways / Applications wise to set a cookie. This means your confidential information, another entrance undefiled cookies.
Security issues 10: FTP / Control Panel password dictator / you associated with?
Solution: You can change the password and the system are fast autogenerated password.
Security issues 11: There is a weakness in the DNS server hosting?
Solution: If you do not know to know the details of the hosting provider. DNS zone files, network hackers, a major weapon.
Security issues 12: Test your hosting account on the server is not enabled, right?
Solution: If you do not know the details of hosting providers out. If you choose software-enabled but Defense Force.
In addition to the above-mentioned general issues described below, always follow the safety tips of websites can be more secure.