So here are some tips for securing your website if you're on Ubuntu [Linux]:
-Never log in as 'root' user
-Disallow root login through settings
-Create an account with a secure password and grant it sudo privileges
-Do not share sudo privileges
-Do not use FTP, use SFTP
If you are on ANY system and using MySQL, be sure to prepare your statements and properly bind parameters.
What I mean by this is to secure yourself from something called SQL INJECTION.
To test your site if it is vulnerable for SQL INJECTION, put a single quotation ' at the end of your URL.
To prepare statements, simply put ->prepare instead of ->query before your statement and use bindParam.
Ex of above: WRONG: $con->query("SELECT * FROM cats WHERE id=:id"); RIGHT: $con->prepare("SELECT * FROM cats WHERE id=:id");
To bindParam, never use php variables in statements as they are a direct injection vulnerability, but use words with semicolons before them.
For the sake of an example, we will pretend that $id is the $_GET['id'].
So in php it would look like this:
$id = $_GET['id']
An example of an incorrect statement is:
$query = $con->prepare("SELECT * FROM cats WHERE id = $id");
$query->execute();
An example of a correct statement is:
$query =$con->prepare("SELECT * FROM cats WHERE id= :id");
$query->bindParam(':id',$id);
$query->execute();
This is how you secure SQL on your site.
I hope you enjoyed this tutorial
Webmaster Security
Security - Ubuntu [LINUX] and others
Submitted by CryptAlchemy, 28-06-2015, 12:19 AM, Thread ID: 5140
Thread Closed
28-06-2015, 12:19 AM
#1 RE: Security - Ubuntu [LINUX] and others 28-06-2015, 12:08 PM #2
28-06-2015, 12:08 PM
#2 RE: Security - Ubuntu [LINUX] and others 30-06-2015, 03:37 PM #4
30-06-2015, 03:37 PM
#4 RE: Security - Ubuntu [LINUX] and others 18-07-2015, 11:59 PM #5
18-07-2015, 11:59 PM
#5 RE: Security - Ubuntu [LINUX] and others 27-07-2015, 09:24 PM #6 Do not let your difficulties fill you with anxiety, after all it is only in the darkest nights that stars shine more brightly. - Ali(a.s)
Developer( PHP, Python, C++, HTML+CSS, JS I am available for Hire. Message Me for details.
27-07-2015, 09:24 PM
#6 Do not let your difficulties fill you with anxiety, after all it is only in the darkest nights that stars shine more brightly. - Ali(a.s)
Developer( PHP, Python, C++, HTML+CSS, JS I am available for Hire. Message Me for details.
Developer( PHP, Python, C++, HTML+CSS, JS I am available for Hire. Message Me for details.
RE: Security - Ubuntu [LINUX] and others 27-07-2015, 09:29 PM #7
27-07-2015, 09:29 PM
#7 RE: Security - Ubuntu [LINUX] and others 30-07-2015, 11:10 PM #8
30-07-2015, 11:10 PM
#8 RE: Security - Ubuntu [LINUX] and others 01-09-2015, 02:49 PM #9
01-09-2015, 02:49 PM
#9 RE: Security - Ubuntu [LINUX] and others 16-09-2015, 02:25 PM #10
16-09-2015, 02:25 PM
#10