There are some people who can access to Admin Control Panels of web applications witch written in php.
please anyone tell me how to stop such hackers and get more security to our php scripts ??
thankz in advance.
[ Post made via Mobile Device ]
How to stop hackers who hacks php web sites
Re: How to stop hackers who hacks php web sites
Rksk,
This is not possible unless the user get to know your login information. PHP codes are processed in the web server and you will only get the output of processed scripts. You can notice this by seeing the source on the web browser.
How do you know a hacker is attempting to hack your site?
In case you suspect, change the admin login information as soon as possible.
This is not possible unless the user get to know your login information. PHP codes are processed in the web server and you will only get the output of processed scripts. You can notice this by seeing the source on the web browser.
How do you know a hacker is attempting to hack your site?
In case you suspect, change the admin login information as soon as possible.
Re: How to stop hackers who hacks php web sites
Neo,
I found that,
there is uknown admins in the online list of my community.
i've added 2 securiy optione for head admin with two passowords.
1st is entered at the login and 2nd should entered in a secret page to set a cokie.
but these hackers pass the 2 gates and show they as head admins.
someone says they can do sql injections too.
[ Post made via Mobile Device ]
I found that,
there is uknown admins in the online list of my community.
i've added 2 securiy optione for head admin with two passowords.
1st is entered at the login and 2nd should entered in a secret page to set a cokie.
but these hackers pass the 2 gates and show they as head admins.
someone says they can do sql injections too.
[ Post made via Mobile Device ]
Re: How to stop hackers who hacks php web sites
Okay. Let's learn what is sql injection first.
SQL injection is not php specific. It affects all server side scripting languages. Read the prevention part of the above post to have a brief understanding on what is required.
The first thing you should do is to store password hash instead of password to your database. PHP has lots of built-in one-was hash implementations. You can use md5 or sha1 pretty easily.
Steps are given below.
On New User Registration stage,
With these simple steps, I'm sure you can get rid of most of the common hacking attempts.
Good luck!!!!
SQL injection is not php specific. It affects all server side scripting languages. Read the prevention part of the above post to have a brief understanding on what is required.
The first thing you should do is to store password hash instead of password to your database. PHP has lots of built-in one-was hash implementations. You can use md5 or sha1 pretty easily.
Steps are given below.
On New User Registration stage,
- User enters username and password.
Code: Select all
$password_hash = md5($_POST['password'] . "some random text");
- You store $password_hash to database
- User enters username and password.
- You read username and password_hash from database
Code: Select all
if ($_POST['username'] == $db_username && md5($_POST['password'] . "some random text") == $password_hash){ // correct entry }
With these simple steps, I'm sure you can get rid of most of the common hacking attempts.
Good luck!!!!
Re: How to stop hackers who hacks php web sites
many newbie php coders doesn't think of the fact that their script might be vulnerable to sql injection, this is the cause of why they get hacked.
you will need to remove that vulnerability from your script to make it safe.
tell me if you need help on this.
you will need to remove that vulnerability from your script to make it safe.
tell me if you need help on this.
Re: How to stop hackers who hacks php web sites
Thankz friends.
Now i've fixed these holes in my phps and now I'm not fear of hackers now.
I got many things from NET.
I'll post some articles here with witch I learned.
[ Post made via Mobile Device ]
Now i've fixed these holes in my phps and now I'm not fear of hackers now.
I got many things from NET.
I'll post some articles here with witch I learned.
[ Post made via Mobile Device ]
Re: How to stop hackers who hacks php web sites
Rksk, Pansophic is going to be a great asset to ROBOT.LK where we can share his knowledge and expertise.
Pansophic, Can you please introduce yourself in Introductions section so we all know each other better.
Pansophic, Can you please introduce yourself in Introductions section so we all know each other better.