Hacking A Website

In this post we will discus a little about hacking a website. A website is hosted on a web server so if you hack web server you hack website. So first of all let’s see what are some basic types of web server vulnerabilities which can lead to security breach.

You must know that breach in security of web server can also provide attacker a door to internal network and hence owning a web server can give attacker an exponential advantage. Basically there are only three types of web servers available on which world hosts their web sites.

-Internet Information Server (IIS) by Microsoft
-Apache
-Apache Variants
Following are some web based vulnerabilities which can lead to security breach of a web server.
Misconfiguration In Web Server Settings. Most people don’t employ professionals while creating and hosting their websites, a non-pro might hardly know anything about web server security and hence he/she may leave all settings to defaults or at most basic level thus giving even skids a full chance to breach it.
Faulty Programming Practices. One of the most found reasons for web security breach is faulty programming practice while creating web sites. A vulnerably developed code can be found on thousands of website around. To avoid this problem at least one skilled and experienced programmer should be kept in charge to check faulty programming practice.
Lack Of Security Policy. A security policy should implemented properly while web development phase. You might have seen several websites which disallow download without registration but when a user arrives at membership page he/she finds direct link in source code for download. Though this seems non catastrophic but it can also act as severe threat.
Vulnerabilities In Web Application. Web application vulnerabilities generally includes SQL injection attacks, XSS attacks, RFI, LFI buffer overflow etc if you don’t know any of the following terms don’t bother I will cover them in detail in future posts.
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s