block injeksi iframe dengan mod_security

Discussion in 'Masalah Teknik dan Keamanan' started by PusatHosting, 9 Dec 2009.

Thread Status:
Not open for further replies.
  1. PusatHosting

    PusatHosting Hosting Guru Web Hosting

    Messages:
    3,333
    Likes Received:
    326
    Trophy Points:
    83
    hi All,

    Ada yang punya cara untuk blok injeksi iframe dengan mod_security kah?
    banyak yang bertumbangan mulai dari joomla , wp kena juga.
    membersihkan secara manual sih bisa, cuman kok keterusan yah.

    ada yang punya tips?

    trims
     
  2. diansastro

    diansastro Beginner 2.0

    Messages:
    34
    Likes Received:
    0
    Trophy Points:
    6
    coba scan PCnya pake antivirus trbaru, trus ganti password control panelnya Tuan..
     
  3. PusatHosting

    PusatHosting Hosting Guru Web Hosting

    Messages:
    3,333
    Likes Received:
    326
    Trophy Points:
    83
    yah sudah saya anjurkan di level client cuman keterusan masuk dan masuk lagi karena pc client belum bener2 bersih. lagi coba cari cara block dari server. ada ide bos?
     
  4. localhost

    localhost Apprentice 2.0

    Messages:
    576
    Likes Received:
    39
    Trophy Points:
    28
  5. Bforce

    Bforce _ DWH Admin Web Hosting (Company)

    Messages:
    1,420
    Likes Received:
    305
    Trophy Points:
    83
  6. nicosoftmedia

    nicosoftmedia (RIP) Community Guide

    Messages:
    2,025
    Likes Received:
    34
    Trophy Points:
    48
  7. PusatHosting

    PusatHosting Hosting Guru Web Hosting

    Messages:
    3,333
    Likes Received:
    326
    Trophy Points:
    83
    iya disitu saya sudah ambil individual ruleset untuk malware

    tak coba2 dulu pak, tapi sayang khusus WHM/Cpanel sayang sekali coz kita pakai DA.
     
  8. capoengx

    capoengx Beginner 2.0

    Messages:
    28
    Likes Received:
    0
    Trophy Points:
    1
    Masalahnya kalau pc klien masih belum bersih ya keterusan :D
    Saran:
    1. Full scan PC klien
    2. Install ulang software ftp yang di pakai
    3. Password account ftp jangan di remember di software ftp nya
    4. Lebih aman lagi upload file lewat cpanel saja
    5. Jangan lupa ganti password cpanel dan account ftp nya

    Semoga membantu..
     
    Last edited: 21 Dec 2009
  9. PusatHosting

    PusatHosting Hosting Guru Web Hosting

    Messages:
    3,333
    Likes Received:
    326
    Trophy Points:
    83
    tapi ngga semua klien sadar hal spt ini, salah satu klien saya sukanya ngotot kalau diberi penjelasan bahwa pcnya yang bermasalah apalagi penjelasan spt ini.
     
  10. susan

    susan Apprentice 1.0

    Messages:
    287
    Likes Received:
    37
    Trophy Points:
    28
    tips lain: saya pakai pure-ftp + clamav, lumayan ampuh untuk mendeteksi iframe injection ketika user mengupload file.

    susan,
     
    Last edited: 22 Dec 2009
Loading...
Thread Status:
Not open for further replies.

Share This Page

Loading...