1 / 17

Website security

Website security. Prepared By, Mahadir Ahmad. Who Are stopbadware & Commtouch.

dakota
Télécharger la présentation

Website security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Website security Prepared By, Mahadir Ahmad

  2. Who Are stopbadware & Commtouch StopBadware makes the Web safer through the prevention, mitigation, and remediation of badware websites. partners include Google, PayPal, Mozilla, Verizon, and Qualys. StopBadware is based in Cambridge, Mass. For more information, visit https://www.stopbadware.org/ Commtouch(NASDAQ: CTCH) safeguards the world’s leading security companies and service providers with cloudbased Internet security services. Real-time threat intelligence from Commtouch’sGlobalView™ Cloud powers its Web filtering, email security and antivirus solutions, protecting thousands of organizations and hundreds of millions of users worldwide visit http://www.commtouch.com/

  3. Survey done by stopbadware & Commtouch, on owner of 600 Websites whose site had been compromise

  4. Only 9% out of over 600 websites that was compromised using Joomla

  5. Malicious Hackers How are websites compromised? New Flaws Exploits Phishing Social Engineering

  6. Does your Webmaster have knowledge about the CMS being used? 64% said in the survey they don’t even know how their website being compromised, 20% don’t update their website software or plugins.

  7. How was your site used after it was compromised? Only 4% used for defacement (vandalized), Are you sure your current website has not been compromised? It could be used for spamming and other things even hard for a beginner’s Webmaster to notice it.

  8. How to prevent • Keep software and all plug-ins updated. Whether you run popular content management software (e.g., WordPress, Joomla, Blogger) or custom software, make sure that software and all third party plug-ins or extensions are updated. Remove plug-ins or other add-ons that aren’t in use. • Use strong, varied passwords. WordPress login credentials, for example, should be different from FTP credentials. Never store passwords on your local machine. • Regularly scan your PC for malware. • Use appropriate file permissions on your web server. • Research your options and make security a priority when choosing a web hosting provider. If you aren’t confident you can protect your site on your own, consider using an add-on security service from your hosting provider or a third party website security service.

  9. Our security strategies The most popular hack on Joomla until now is defacement

  10. Hiding Joomla from automatic scanner • & novice hacker • Hiding /administrator • Remove all joomla keywords in source code

  11. Joomla Firewall • Protect & block any well known SQL injections • Detect insecure file permissions • Security suggestions

  12. Manually checking for vulnerabilities in Official Joomla Vulnerable Extension Lists • Continually checking for any known vulnerabilities • Update extensions continuously

  13. Two factors Administrator Authentication • /Administrator hiding + Two factors login = No login for unauthorized users + No brute force attacks

  14. Others • Daily backup • Move critical files/folders outside of public access (outside public_html or wwwroot) • Daily monitor for new updates for Joomla core.

  15. Penetration Test Using Open Web Application Security Project

  16. We welcome for any penetration test to our final product

  17. Thank you

More Related