Friday, August 10, 2012

How to avoid hacking



1.    Implement a firewall, antivirus and anti-spyware
2.    Develop a corporate security policy (unique passwords, password change every 90 days)
3.    Don't run unnecessary network services
4.    Conduct a vulnerability test
5.    Use a keyword filter to block out any harsh words. Use a whitelist before accepting any data from a user. (Whitelists reject all data that is not included on the OKed list.)
6.    Avoid unsolicited installation of scripts
7.    Avoid Scam/Spammy Websites
8.    Make sure your files are using the correct CHMOD Permissions
9.    Change the default table prefix for open-source scripts
10.  Check code before use of 3rd Party Scripts, Plugins, widgets
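11.  Check your logs regularly
12. Block search engine spiders from indexing the admin section through robots.txt by adding Disallow: /wp-admin (robots.txt only asks crawlers to stay away; it does not restrict access, so pair it with the .htaccess restriction in item 16)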
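13. Avoid .htaccess hacks by denying web access to the .htaccess file itself:
# STRONG HTACCESS PROTECTION
# (Apache 2.2 access syntax; Apache 2.4 needs mod_access_compat for order/deny/satisfy)
<Files ~ "^.*\.([Hh][Tt][Aa])">
order allow,deny
deny from all
satisfy all
</Files>
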
14. Do not allow visitors to browse your directories; add this code to the .htaccess file:
# disable directory browsing
# (Apache 2.4 rejects mixing "All" with a -option, so only -Indexes is set)
Options -Indexes
15. Secure config files by adding this code to .htaccess:
# protect wp-config.php
<Files wp-config.php>
Order deny,allow
Deny from all
</Files>

16. Use .htaccess to restrict access to the admin directory and allow only specific IP addresses:
# deny access to wp admin
order deny,allow
# This is your static IP (Apache comments must be on their own line)
allow from 192.168.0.11
deny from all
17. Block script injection and unwanted modification of _REQUEST and/or GLOBALS. In .htaccess:
# block script injection and GLOBALS/_REQUEST tampering in the query string
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
RewriteRule ^(.*)$ index.php [F,L]
18. Make sure firewall and antivirus are always running before you access the Internet. If you want to exit or turn off your firewall or antivirus program, disconnect from the Internet first.
19. Encoding output data will stop script injection in the browser.
20. Never use filenames or files supplied by users in any server-based resources, including images and script inclusions.
21. Do not automatically use credentials or tokens submitted by browsers. “The only solution is to use a custom token that the browser will not ‘remember,’” writes OWASP.
22. When possible, avoid using interpreters. If you must use them, OWASP recommends that you “use safe APIs, such as strongly typed parameterized queries and object relational mapping libraries.”
23. Use prepared statements, parameterized queries, or stored procedures. Do not use Dynamic SQL.
24. When connecting to a database, use a less-privileged account. That account should not be able to run “drop table” or “create.”
25. Never write your own encryption algorithms; it takes teams of encryption professionals to do this appropriately.
26. Only use tried, true, and approved public encryption algorithms.
27. Never generate keys while you are connected online.
28. Use an index, indirect reference map or another indirect method to avoid exposure of direct object references. If you can’t avoid direct references, require authorization for website visitors before displaying them.
29. All private URLs and business functions need to be password protected by an effective access control mechanism that verifies the user’s role and privileges.
30. Remove default, test and example pages and applications that usually come with web server software.
31. Never post your IP address on the Internet or in an email
32. Don’t use generic usernames
33. Secure your ports. Make sure any unwanted ports are ‘properly closed.’
34. Keep security patches up to date
35. Avoid public wi-fi – Avoid checking emails, logging into mobile banking sites and accessing private information when your phone is connected to public wi-fi such as those in coffee shops – as these are often insecure.
36. Turn off Bluetooth – When you’re not using Bluetooth always turn it off as hackers could use the wireless connection to gain remote access to your phone.
37. When using a computer other than your personal home computer or laptop, turn off auto-complete and delete your browsing history
38. Check if your Gmail messages are being forwarded without your permission
39. Keep informed about network security
40. Ensure physical security and use passwordless authentication such as smartcards.
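
The tips on safe APIs and prepared statements (items 22 and 23), as an added example that is not part of the original post: the same lookup written as dynamic SQL and as a parameterized query, run against an in-memory SQLite database. The table, function names and sample values are constructed for illustration.

```python
import sqlite3

def make_db():
    """Build a small in-memory table of constructed sample users."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, email TEXT)")
    db.executemany(
        "INSERT INTO users (name, email) VALUES (?, ?)",
        [("alice", "alice@example.com"),
         ("bob", "bob@example.com"),
         ("O'Brien", "obrien@example.com")],
    )
    return db

def find_user_dynamic(db, name):
    """Dynamic SQL (the pattern to avoid): input is pasted into the statement text."""
    query = "SELECT name, email FROM users WHERE name = '" + name + "'"
    return db.execute(query).fetchall()

def find_user_parameterized(db, name):
    """Parameterized query: the driver binds the value, so it is never parsed as SQL."""
    return db.execute(
        "SELECT name, email FROM users WHERE name = ?", (name,)
    ).fetchall()

# Constructed input that carries SQL syntax instead of a plain name.
HOSTILE_NAME = "nobody' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    # Dynamic SQL: the WHERE clause is rewritten and every row comes back.
    print("dynamic, hostile input:      ", find_user_dynamic(db, HOSTILE_NAME))
    # Parameterized: the whole string is compared as a name, nothing matches.
    print("parameterized, hostile input:", find_user_parameterized(db, HOSTILE_NAME))
    # A legitimate name with an apostrophe works only in the parameterized form.
    print("parameterized, O'Brien:      ", find_user_parameterized(db, "O'Brien"))
    try:
        find_user_dynamic(db, "O'Brien")
    except sqlite3.OperationalError as exc:
        print("dynamic, O'Brien: query broke ->", exc)
```
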
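
The tips on indirect object references and role-checked access (items 28 and 29), as an added example that is not part of the original post: a per-session map hands the browser random tokens instead of database ids, and the server still checks ownership when a token comes back. The class, function names and invoice data are hypothetical.

```python
import secrets

class IndirectReferenceMap:
    """Per-session map between random tokens and internal record ids."""

    def __init__(self):
        self._by_token = {}  # token -> internal id
        self._by_id = {}     # internal id -> token, so each id keeps one token

    def expose(self, internal_id):
        """Return the opaque token that stands in for an internal id."""
        if internal_id not in self._by_id:
            token = secrets.token_urlsafe(16)
            self._by_id[internal_id] = token
            self._by_token[token] = internal_id
        return self._by_id[internal_id]

    def resolve(self, token):
        """Translate a token back to its id; unknown tokens give None."""
        return self._by_token.get(token)

# Constructed sample data: invoice id -> owning user.
INVOICES = {1001: "alice", 1002: "alice", 1003: "bob"}

def list_invoices(user, ref_map):
    """Tokens for the invoices this user owns; raw ids never leave the server."""
    return [ref_map.expose(i) for i, owner in INVOICES.items() if owner == user]

def get_invoice(user, ref_map, token):
    """Resolve a token from the browser, then authorize before returning data."""
    internal_id = ref_map.resolve(token)
    if internal_id is None:
        return None  # guessed or stale reference
    if INVOICES.get(internal_id) != user:
        return None  # the map is not the access control; ownership is checked too
    return internal_id

if __name__ == "__main__":
    session_map = IndirectReferenceMap()
    tokens = list_invoices("alice", session_map)
    print("tokens sent to browser:", tokens)
    print("valid token   ->", get_invoice("alice", session_map, tokens[0]))
    print("raw id '1003' ->", get_invoice("alice", session_map, "1003"))
```
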
