Sunday, 31 October 2010

Taking Precautions So the Site Doesn't Get Hacked



The kaosoblong.net site has been hacked several times now. If a site runs an open source script, the open source developers have probably already anticipated most attacks, and the user does not have to think too hard about securing it. It is a different matter when the site is developed in-house, because every aspect of site security then has to be thought through by yourself.

One reason sites get hacked is that admins or developers often dismiss things that look trivial, when the impact can turn out to be large. Possible consequences include:

  1. The site's appearance is changed (defacement).

  2. The site's content is deleted by the hacker.

  3. The site is used to host internet banking phishing pages.

  4. Search engines put the site on their list of dangerous sites and warn visitors who are about to enter it.

  5. The hosting company blocks, or even deletes, the hosting account, including all the data in it.

  6. etc.


If the website exists for a business, this can be fatal for that business, because visitors cannot reach the site, or are afraid to enter it when a "dangerous site" warning appears. A search engine ranking that took a lot of effort to build can plummet. The most dangerous consequence of all is customer data being wiped from the web server while we have never made a backup.

So, what should we pay attention to on our website to prevent hacker attacks? Among other things, the following:

  1. Permissions on the web directory: never leave it "wide open" (world-writable, e.g. mode 777). Give the web server write access only to the specific directories that need it (uploads, cache), and do not let it execute scripts from those directories.

  2. If upload permission is required, filter which file types are allowed, so a hacker cannot slip in a backdoor script. Check the extension and the file content on the server; the file type the browser declares is chosen by the client and cannot be trusted.

  3. Add a CAPTCHA to block automated spam.

  4. Don't let people browse the listing of subdirectories. This can be handled by adding an index file in every subdirectory that redirects to the site's main page; disabling directory listing at the server level (for example `Options -Indexes` in Apache) also covers the directories you forget.

  5. For textarea form fields (for example the guestbook or comments), prevent people from getting HTML tags into the page. The reliable way is to escape the text when it is displayed, so a tag is shown as text rather than executed by visitors' browsers.

  6. For text fields, especially the login form, prevent them from being filled with characters that allow someone to perform "SQL injection". Filtering characters is fragile; passing the values to the database as query parameters instead of pasting them into the SQL string closes the hole regardless of which characters are typed.

  7. What else ... ? I'll continue this later when I remember, or when the site gets hacked again .... :)

37 comments:

  1. Greetings from daeng siping in Makassar. We're in the same line of business, mas, so we'll support each other and uphold good sportsmanship in our business. Wishing you success.

  2. Great concept. Another informative post. This is a very nice blog that I will definitely come back to several more times this year!

  3. You made some good points there. I looked on the net for the problem and found most people will agree with your blog.

  4. Being a newcomer, I am continually doing research for articles and other content which will assist me. Many thanks.

  5. I really enjoyed this amazing article. Make sure you keep up the good work. Thanks a lot!

  6. Surely, the post is certainly the most desirable on this worthy topic. I harmonize with your ideas and will excitedly await your forthcoming updates. Just saying thanks won't be adequate, for the marvellous clearness in your writing. I will right now grab your feed to keep abreast of any updates. Excellent work and much success in your business efforts. Thank you very much.

  7. Hi website owner, your website's concept is incredible and I like it. Your posts are stunning. You should keep up the good work. Best regards!

  8. I found your website page from ask.com and it is marvelous. Thanks for providing this sort of informative article.

  9. Hi admin, I uncovered this site from Yahoo Answers and read through a number of your other articles. They are incredible. Please keep them coming. Best regards.

  10. Exclusive content, thank you to the publisher. It is incomprehensible to me currently, but overall, the effectiveness and importance is overwhelming. Thanks and good luck.

  11. Hey pal, your internet page's template is impressive and I'm loving it. Your blog posts are memorable. You should continue this great work. Greets!

  12. Hey admin, I came across this blog from AltaVista and started reading some of your other web pages. They are superb. Please keep them coming. Best regards.

  13. Such a superb blog post. Thank you for sharing this info.

  14. Being a newcomer, I'm always searching for information which will assist me. A big heads up.

  15. I found your website from Twitter and it is actually sensible. Thank you for giving out this sort of awesome article!

  16. F*ckin' remarkable things here. I am very glad to see your post. Thanks a lot and I'm looking forward to contacting you. Will you kindly drop me a mail?

  17. Great work! This is the type of information that should be shared around the net. Shame on Google for not positioning this post higher! Come on over and visit my site. Thanks =)

  18. Congratulations on possessing certainly one of the most subtle blogs I've come across in a while! It's just amazing how much you'll be capable of taking away from a thing mainly due to how visually beautiful it is. You have put together an important weblog site house: great graphics, films, layout. This is actually a must-see website!

  19. Which came first? The chicken or the egg?

  20. Hey there! Someone in my Facebook group shared this website with us so I came to look it over. I'm definitely enjoying the information. I'm bookmarking and will be tweeting this to my followers! Excellent blog and superb design and style.

  21. Many thanks for blogging. I fully agree with your thoughts.

  22. Thank you a lot for providing individuals with an exceptionally splendid opportunity to read critical reviews from here. It's always very excellent plus stuffed with a lot of fun for me and my office acquaintances to search your site really thrice in 7 days to read through the new tips you will have. And indeed, we are always astounded by the powerful advice served by you. Some 4 facts on this page are particularly the most efficient I've had.

  23. Thank you for this post and for your blog on the whole. I've just bookmarked it.

  24. I like the look of your resource! It looks really great.