Server kena Hack Indonesian Cyber Freedom

Discussion in 'Dedicated Server dan Colocation' started by Dika Haris, 19 Aug 2015.

Thread Status:
Not open for further replies.
  1. Dika Haris

    Dika Haris Apprentice 1.0

    Messages:
    299
    Likes Received:
    25
    Trophy Points:
    28
    Kakus terjadi pada tanggal 17 Agustus 2015. Dimna website yang saya hosting di DC kena hack!!
    AtCicodWkrjqU8zlxcdhG7lMXShe2-Jk3M3dWdGyso4t.jpg

    Walaupun yg dihack hanya index.php saja. tapi ini merupakan peringatan buat kami selaku pengelola.
    Apa yang harus dilakukan di sisi servernya, karna di sisi aplikasi kami sudah mengoptimalkan semuanya..

    Mohon Bantuannya bos @rendy , bos @junior riau
     
    Last edited: 19 Aug 2015
  2. rendy

    rendy Hosting Guru DWH Guardian Web Hosting (Company)

    Messages:
    2,792
    Likes Received:
    240
    Trophy Points:
    63
    ini webnya apa ya? wordpress?
     
  3. pedagang

    pedagang Expert 1.0

    Messages:
    672
    Likes Received:
    109
    Trophy Points:
    43
    susah juga ya,
    kalau server / web server diperketat bisa 'mempersulit' pengguna web-nya

    colek @junior riau
     
  4. Indodata

    Indodata Apprentice 1.0

    Messages:
    325
    Likes Received:
    35
    Trophy Points:
    28
    sewanya dedicated server ya?
    didalam server ada berapa website?
    pakai control panel apa?
     
  5. junior riau

    junior riau Hosting Guru Web Hosting

    Messages:
    3,227
    Likes Received:
    514
    Trophy Points:
    113
    can you mention what is semuanya?
    SQLi ?
    XSS ?
    CSRF ?
    RFI ?
    LFI ?
    Password Tweaking?
    Privileges Level Access Management ?
    Directory traversal ?
    Path/Direcotory Disclosure ?
    etc?
     
  6. pedagang

    pedagang Expert 1.0

    Messages:
    672
    Likes Received:
    109
    Trophy Points:
    43
    yes, di hiawatha web server saya selalu mengaktifkan di vhost :
    DenyBody = ^.*%3Cscript.*%3C%2Fscript%3E.*$
    PreventCSRF = yes
    PreventSQLi = yes
    PreventXSS = yes

    dll.
    pastinya semua web server ada mekanisme macam itu
     
  7. junior riau

    junior riau Hosting Guru Web Hosting

    Messages:
    3,227
    Likes Received:
    514
    Trophy Points:
    113
    secara default tidak,
    ada yang perlu tambahan tweaking
     
  8. mustafaramadhan

    mustafaramadhan Hosting Guru

    Messages:
    3,237
    Likes Received:
    857
    Trophy Points:
    113
    Yang jelas, php akhir-akhir ini sering update terkait masalah security. Usahakan pakai php 5.4+ karena php 5.3 ke bawah tidak ada update lagi terkait masalah ini.
     
  9. dhyhost

    dhyhost Hosting Guru Web Hosting

    Messages:
    3,926
    Likes Received:
    613
    Trophy Points:
    113
    yaps benar
    wordpress juga belakang ini banyak security update
     
  10. pedagang

    pedagang Expert 1.0

    Messages:
    672
    Likes Received:
    109
    Trophy Points:
    43
    salah satu proteksi terbaik adalah jangan cari musuh, selalu low profile

    = tabik
     
Loading...
Thread Status:
Not open for further replies.

Share This Page

Loading...