
Tuesday, 11 December 2012

Tips for Securing a WordPress-Based Website


Given the number of defacements of WordPress-based sites over the past few months, I decided to write up some simple tips that website administrators can use to better protect their sites.

Whatever the motive, defacing a site is illegal. I won't go through the articles of the ITE Law (Indonesia's Electronic Information and Transactions Law) that can be used against people who access a system without authorization, because I'm sure they already know them. It's just that weak enforcement of the ITE Law and a toothless cyber police force in Indonesia make these attackers feel free to deface sites without fear.

Many young attackers treat defacing as a way to have fun. Another motive, of course, is to gain recognition from the Indonesian cyber community. So that they'll be considered a Hacker?

Oops, I'm rambling. Anyway, on to the main topic.

As we know, WordPress is an open-source CMS (Content Management System). Its admin interface makes it easy to modify the look of a site and update its content. WordPress is widely used for personal blogs and for company profile sites.

Because it is open source, many developers build third-party extensions in the form of plugins. Many of these plugins are shared for free, though quite a few are paid. Plugins can be used to improve a site's appearance, make it interactive and functional, and add all sorts of other features.

Now, as we also know, no security system on the Internet is truly perfect, and that applies to WordPress too. Besides bugs in the CMS itself, a good share of the vulnerabilities come from third-party code, i.e. plugins.

So what can you do to make your WordPress site more secure? Here are some tips I can recommend:

1. Always update the WordPress version and the plugins you use. Outdated plugins are the most common way in, so delete plugins you no longer need rather than leaving them installed but deactivated; their files are still reachable over the web.

2. Change the default username "admin" to something else and use a password made up of a mix of letters, numbers and symbols, for example cH4y4nk@m0ehC3lam@ny4 (yes, that one is pretty "alay"). WordPress does not let you rename an existing user from the dashboard, so create a new administrator account, log in with it, and delete the old "admin" account, attributing its posts to the new user.

3. Change the default table prefix wp_ to something else, for example j4nc0koe_. On an existing install this means renaming every table and also updating the prefixed entries in the options and usermeta tables (wp_user_roles, wp_capabilities, wp_user_level), otherwise no account has any role left. This only trips up automated SQL injection tools that assume wp_; it does not fix the injection itself.

4. Use .htaccess to protect wp-config.php. Add the following to .htaccess (the container directives, which were lost from the original page, are restored here; on Apache 2.4 the Order/deny lines become Require all denied):

# PROTECT WP-CONFIG.PHP & WP-SETTINGS.PHP
<FilesMatch "^(wp-config|wp-settings)\.php$">
Order deny,allow
deny from all
</FilesMatch>

# STRONG HTACCESS PROTECTION (keeps .htaccess and .htpasswd from being served)
<Files ~ "^.*\.([Hh][Tt][Aa])">
order allow,deny
deny from all
satisfy all
</Files>

# DISABLE DIRECTORY BROWSING
Options All -Indexes
# PREVENT FOLDER LISTING
IndexIgnore *
# CAP THE REQUEST BODY (UPLOAD) SIZE AT ABOUT 10 MB
LimitRequestBody 10240000

then chmod .htaccess to 0444. Note that WordPress writes its rewrite rules into .htaccess when you change the permalink settings; with 0444 you will have to paste the rules it shows you in by hand.


6. Remove the WordPress version information by adding this to your theme's functions.php:

function no_generator() { return ''; }
add_filter('the_generator', 'no_generator');

and delete readme.html (core updates put it back, so delete it again after each update). Hiding the version does not stop an attacker who simply tries a known exploit against the site; keeping up to date (tip 1) is what actually helps.

7. Keep crawlers out of the WordPress system directories by adding Disallow: /wp- to robots.txt. Remember that robots.txt is only a request honoured by well-behaved crawlers; attackers read it as a map, and it is not access control. Blocking everything under /wp- also keeps search engines away from wp-content, where your theme's CSS, JavaScript and uploaded images live.

8. Hide PHP error messages, which leak file paths and SQL fragments, by adding:

ini_set("display_errors", 0);
error_reporting(0);

to wp-config.php, right after the code (and make sure WP_DEBUG is defined as false there too).

9. Change the default admin page using the Lockdown WP Admin plugin, or do it by hand, which is more fiddly to set up :)) (maybe I'll share a separate tutorial on that sometime).

10. Use some security plugins to strengthen your WordPress site's defenses. Since I'm too lazy to post about them one by one, the references can be found here.
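As an added example (my own script, not something from the original post): a small POSIX shell audit that checks a WordPress document root against tips 3, 4, 6 and 8 above, then applies those tips to a constructed throwaway copy so you can watch the findings drop to zero. It assumes the stock layout (wp-config.php, readme.html and .htaccess in the root, themes under wp-content/themes); the directory it builds and the replacement prefix blog9x_ are made up for the demo.

```shell
#!/bin/sh
# Added example, not part of the original post. Audits a WordPress root against
# tips 3, 4, 6 and 8. Assumes the stock layout; the fixture below is a
# constructed stand-in for a real install.

# Print one finding per line for the WordPress root DIR; print nothing when clean.
wp_audit() {
    dir=$1
    cfg="$dir/wp-config.php"

    # Tip 3: the stock prefix lets automated SQL injection tools guess table names.
    if [ -f "$cfg" ] && grep -Eq "^[[:space:]]*[\$]table_prefix[[:space:]]*=[[:space:]]*['\"]wp_['\"]" "$cfg"; then
        echo "wp-config.php: table prefix is still the default wp_"
    fi

    # Tip 6: readme.html states the exact WordPress version.
    if [ -f "$dir/readme.html" ]; then
        echo "readme.html: present, discloses the WordPress version"
    fi

    # Tip 6: without a the_generator filter every page carries a generator meta tag.
    if ! grep -rqs "the_generator" "$dir/wp-content/themes"; then
        echo "themes: no the_generator filter, generator meta tag still emitted"
    fi

    # Tip 4: directory listing must be switched off.
    if ! grep -qs -- "-Indexes" "$dir/.htaccess"; then
        echo ".htaccess: directory listing not disabled (Options -Indexes missing)"
    fi

    # Tip 8: PHP errors on the page leak paths and SQL fragments.
    if [ -f "$cfg" ] && ! grep -Eq "display_errors|WP_DEBUG_DISPLAY" "$cfg"; then
        echo "wp-config.php: error display not disabled"
    fi
}

# Number of findings; 0 when the root passes every check.
wp_audit_count() {
    wp_audit "$1" | grep -c .
}

# Constructed, deliberately weak WordPress-like tree (not a real install).
wp_fixture() {
    d=$(mktemp -d)
    mkdir -p "$d/wp-content/themes/demo"
    printf '<?php\n$table_prefix = %s;\n' "'wp_'" > "$d/wp-config.php"
    echo "<html>WordPress readme</html>" > "$d/readme.html"
    echo "RewriteEngine On" > "$d/.htaccess"
    echo "<?php // theme without a generator filter" > "$d/wp-content/themes/demo/functions.php"
    echo "$d"
}

# Apply tips 3, 4, 6 and 8 to the fixture (blog9x_ is an arbitrary new prefix).
wp_fix_fixture() {
    d=$1
    printf '<?php\n$table_prefix = %s;\n' "'blog9x_'" > "$d/wp-config.php"
    printf "define('WP_DEBUG_DISPLAY', false);\n" >> "$d/wp-config.php"
    rm -f "$d/readme.html"
    echo "Options All -Indexes" >> "$d/.htaccess"
    printf "<?php\nfunction no_generator() { return ''; }\nadd_filter('the_generator', 'no_generator');\n" \
        > "$d/wp-content/themes/demo/functions.php"
}

# Demo run: list the findings, apply the fixes, show the count dropping to 0.
demo=$(wp_fixture)
echo "Before hardening:"
wp_audit "$demo"
wp_fix_fixture "$demo"
echo "After hardening: $(wp_audit_count "$demo") finding(s)"
rm -rf "$demo"
```

Run it against a real site with wp_audit /home/account/public_html; the checks only read files, so it is safe on a live install. The permission side of hardening (who can read wp-config.php) is a separate concern from what this script looks at.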


Well, the tips above may help reduce defacement attacks on the sites you manage. Finally, I just hope this post is useful to you. :)

Regards,

Redbastard de Santoz

Wednesday, 05 December 2012

Tips To Stop Phishing In Your Email Box



In many cases it is hard to tell a fraudulent email from a legitimate one. Often we simply do not have time to analyze every email we receive, so below are some tips that can help stop phishing attacks from succeeding against you in the future.

Probably the best way to keep phishing email out of your inbox is an anti-phishing program. These are not perfect, but they are certainly better than having no protection at all on your PC or laptop. What everyone should remember is that phishing emails are not spam, and some products on the market cannot actually tell the two apart. So when you are looking for a product to help stop phishing attacks, there are certain features it should include.

Blacklists - All good anti-phishing products are designed to stop known phishing emails from reaching your inbox. These blacklists identify messages whose senders or links are already known to belong to scammers.

Content - A content filter helps identify wording that is specific to phishing messages. A program that relies only on keyword matching is not enough, because a phishing email can be nearly identical to a legitimate one. A proper content filter is built to tell a phishing email from a genuine one by looking at the message as a whole, not at isolated words.

Identification of Contact Information - A good way to judge whether an email is legitimate is to look closely at the contact information in it. A phishing email will usually contain some genuine links and/or phone numbers but also at least one fake link. If the message mixes contact details from several different sources, treat it as illegitimate. A good anti-phishing program can also detect the coding tricks phishers use inside the email: most commonly they hide the real URL behind the visible link text, so the text shows one address while the link points to another.

Remember that phishing emails are hard to distinguish both from spam and from legitimate mail. Installing a product with the features above is one of the best ways to stop phishing attacks against you.

Source: antiphisingscams.com


How to Identify and Fend Off Phishing URLs



Tonight I'm going to give you a useful tutorial on identifying fake or phishing URLs. While browsing we get a lot of links, and some of them are fake or phishing links. So how can we identify that kind of link?

Often people receive an email or instant message from someone they do not know that asks them to sign into a website. That is when you must be careful before clicking anything, because you may well have received a phishing email or message that will send you to a phishing website.

These sites are designed to steal confidential information by making you believe they are a legitimate site. Sometimes people end up on a phishing website without realizing it because they mistyped a URL.

Unfortunately, deciding whether a site is real or not is extremely difficult for most people. The simple fact is that many phishing websites are designed to look like the genuine site, often with the same logos and graphics you would expect to see.

One of the best ways to check whether the site you are looking at is a phishing site is to look at the following things in your browser's address bar. They should help tell you whether the site you have reached is genuine.

Look closely at the site's name in the address bar. In most cases a phishing website's address will be slightly (but not very) different from the genuine one. Look closely and you will see that they have misspelled the company's name or added an extra character or symbol before or after it.

Another good check is whether the forward slash that should follow the domain name is missing. Say you are browsing Yahoo: for the site to be a legitimate Yahoo site, yahoo.com must be followed immediately by a forward slash "/" (or be the end of the address). The host name ends at the first slash after https://, so an address like yahoo.com.login-verify.example/ or yahoo.com-secure.example/ is not Yahoo at all, and in http://yahoo.com@evil.example/ everything before the @ is ignored and the real host is evil.example.

Also look carefully at any pop-ups. If you have been directed to a site and it immediately asks for your name and password in a pop-up window, be wary. Some phishing scams direct you to the legitimate site but then use a pop-up to collect your personal information. If you are unsure whether the site is genuine, enter deliberately incorrect credentials: if it still lets you "sign in", you have almost certainly landed on a phishing site. Close it down and report it immediately to your browser provider.
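The address-bar checks above, as an added example that is not part of the original post: a POSIX shell script that extracts the host a browser would actually connect to (dropping the scheme, any user@ part, the port and the path) and tests whether it belongs to the domain the link pretends to be. The sample links use reserved .example names and are constructed for the demo; yahoo.com is only the domain being impersonated.

```shell
#!/bin/sh
# Added example, not from the original post: pull the real host out of a link
# and check it against the domain the link claims to be, with POSIX sh and sed.
# All URLs below are constructed with reserved .example names, not real sites.

# Print the host of URL in lower case: strip the scheme, any "user@" part
# (everything before "@" is ignored by the browser), the path/query/fragment,
# and the port. The host ends at the first "/" after the scheme.
url_host() {
    printf '%s\n' "$1" | sed -E \
        -e 's|^[A-Za-z][A-Za-z0-9+.-]*://||' \
        -e 's|^[^/?#]*@||' \
        -e 's|[/?#].*$||' \
        -e 's|:[0-9]+$||' \
        | tr 'A-Z' 'a-z'
}

# True when HOST is DOMAIN itself or a subdomain of it ("mail.yahoo.com" is
# under "yahoo.com"); "yahoo.com.evil.example" and "yahoo.com-login.example"
# are not, because the registrable part is whatever comes last.
host_in_domain() {
    [ "$1" = "$2" ] && return 0
    case "$1" in
        *."$2") return 0 ;;
    esac
    return 1
}

# Verdict for one link: returns 0 and prints OK when the host belongs to
# DOMAIN, otherwise returns 1 and prints SUSPECT with the host the browser
# would really use.
check_link() {
    h=$(url_host "$1")
    if host_in_domain "$h" "$2"; then
        printf 'OK       host=%-40s %s\n' "$h" "$1"
        return 0
    fi
    printf 'SUSPECT  host=%-40s %s (not under %s)\n' "$h" "$1" "$2"
    return 1
}

# Demo over constructed links that all "look like" Yahoo at a glance.
for u in \
    'https://mail.yahoo.com/' \
    'HTTPS://Login.Yahoo.COM:443/config/login' \
    'https://www.yahoo.com.account-verify.example/signin?u=1' \
    'https://yahoo.com-secure.example/' \
    'http://yahoo.com@evil.example/login' \
    'https://yah00.com/'
do
    check_link "$u" yahoo.com || :
done
```

The last sample (yah00.com with zeros) passes the structural checks and fails only because the spelling is wrong, which is the first check in the post: no parser can replace reading the name carefully.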


A few services that help identify fake, scam or phishing links:


URLVoid
Urlvoid.com is a FREE service developed by NoVirusThanks that lets users scan a website address with multiple web reputation engines to help detect possibly dangerous websites.

Site Safety - Trend Micro

This free service lets you check the safety of a particular URL that seems suspicious. Trend Micro reserves the right to block automated programs that submit large numbers of URLs for analysis.


AVG is dedicated to taking web threats to a deeper level in order to keep users safe online.

In addition to viruses and malware, phishing, scams, bad online shopping experiences and untrustworthy content are increasingly widespread threats on the web. They can only be identified by human experience.

WOT

WOT widens the scope of web safety from purely technical security to helping people find sites they can actually trust. Based on ratings from millions of web users and trusted technical sources, WOT calculates a reputation for websites and shows it as traffic-light-style icons in search results, social media platforms, webmail and many popular sites. Green indicates a trustworthy site, yellow tells users to be cautious, and red indicates a potentially dangerous site.




Monday, 03 December 2012

Defending Against Website Attacks That Use the Symlink Technique


Lately I've noticed a lot of websites getting defaced by attackers using the jumping technique, Gangnam Style... er, I mean symlink style. :p

Hmm, so I got curious about what a symlink is and how it works, and after a bit of reading from Google I understood that with a symlink the attacker can read the configuration files of the target website.

With this technique the attacker can snoop on every website hosted on the same shared server. They don't need to break into each site one by one; one compromised site is enough and the rest get infected along with it :muntahbeha

Put simply, the symlink attack targets configuration files that are not properly protected, for example through the chmod permissions set in cPanel itself. The attacker, who already has a web shell on one account, creates a symbolic link in their own web root pointing at another account's configuration file (usually named with a .txt extension so Apache serves the PHP source as text instead of executing it). If Apache follows symlinks and the target file is readable by other users, the attacker reads it in the browser.

The attacker can then see the contents of wp-config.php (WordPress) or configuration.php (Joomla).

From the config they read the site's database username and password, and then, using the SQL manager built into the shell they planted, change the admin username and password :suram



After that, all they have to do is find the site's administrator page. As we know, the default admin page in WordPress is /wp-admin and in Joomla it is /administrator.


So... there are several ways to reduce the risk from server-jumping attacks via symlink.

1. Change the chmod permissions on wp-config.php or configuration.php from 0644 to 0400. You do this via cPanel, of course, not via a witch doctor :)) This only works when PHP runs as your account's own user (suPHP, CGI/FastCGI or PHP-FPM); if the server runs mod_php as a shared user such as nobody, 0400 will break your site, and the real fix is on the server side (Options -FollowSymLinks or SymLinksIfOwnerMatch, or the hoster's symlink patch), so ask your host.

2. Change every directory that is set to 0777 (if any) to 0755.

3. Install a plugin that protects the admin page. For a Joomla! site, for example, try the k-secure plugin to change the default administrator URL from www.yourwebsite.com/administrator to www.yourwebsite.com/administrator/?c1yu5m14p4h =))

4. Take full backups of the website regularly. :)

5. Always update the CMS version and any plugins/modules/extensions you use.

Well, there are actually many other ways to reduce the risk of server-jumping attacks, but go find them yourself. Google, man, Google... :p

That's it for this guide. Feel free to add to it if you want.

I'm off to bed, and closing the Warung Lesehan for the night. Lots of customers ran up tabs today >.<"
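As an added example (my own script, not from the original post): a POSIX shell check for the two conditions the symlink technique relies on, a config file readable by other users and a world-writable directory, plus a scan for symlinks that point outside a web root, which is what the attacker plants in their own account. It then applies points 1 and 2 to a constructed two-account layout so the exposure count drops to zero. It assumes PHP runs as the account owner (suPHP/CGI/FPM), per the caveat in point 1; the "victim" and "attacker" directories are made up for the demo.

```shell
#!/bin/sh
# Added example, not from the original post: find the two conditions the symlink
# technique relies on under a hosting account's web root and apply the fixes from
# points 1 and 2. Assumes PHP runs as the account owner (suPHP/CGI/FPM), so 0400
# configs stay readable by the site. The two "accounts" below are constructed
# directories, not real hosting users.

# CMS config files readable by "other": any other account on the box can read
# the database credentials, directly or through a symlink served by Apache.
exposed_configs() {
    find "$1" -type f \( -name wp-config.php -o -name configuration.php \) -perm -004
}

# World-writable directories: any other account, or a hijacked process, can
# drop a web shell into them.
world_writable_dirs() {
    find "$1" -type d -perm -002
}

# Symlinks under a web root that resolve to something outside it. This is what
# the attacker creates in their own account; a hoster can scan every root for it.
escaping_symlinks() {
    root=$(cd "$1" && pwd -P)
    find "$1" -type l | while IFS= read -r l; do
        t=$(readlink -f "$l") || continue
        case "$t" in
            "$root"/*) ;;
            *) printf '%s -> %s\n' "$l" "$t" ;;
        esac
    done
}

# Point 1 and point 2 of the post: configs to 0400, directories to 0755.
harden_account() {
    exposed_configs "$1" | while IFS= read -r f; do chmod 0400 "$f"; done
    world_writable_dirs "$1" | while IFS= read -r d; do chmod 0755 "$d"; done
}

# Exposures left in a web root; 0 when both checks pass.
exposure_count() {
    { exposed_configs "$1"; world_writable_dirs "$1"; } | grep -c .
}

# Constructed two-account layout: a victim with a 0644 wp-config.php and a 0777
# uploads directory, and an attacker whose web root holds a symlink to that
# config, named .txt so Apache would serve the PHP source as plain text.
symlink_fixture() {
    b=$(mktemp -d)
    mkdir -p "$b/victim/public_html/wp-content/uploads" "$b/attacker/public_html/sym"
    chmod 0755 "$b/victim/public_html" "$b/victim/public_html/wp-content"
    printf "<?php\ndefine('DB_PASSWORD', 'constructed-secret');\n" > "$b/victim/public_html/wp-config.php"
    chmod 0644 "$b/victim/public_html/wp-config.php"
    chmod 0777 "$b/victim/public_html/wp-content/uploads"
    ln -s "$b/victim/public_html/wp-config.php" "$b/attacker/public_html/sym/wp-config.txt"
    echo "$b"
}

base=$(symlink_fixture)
echo "Victim exposures before:"
exposed_configs "$base/victim/public_html"
world_writable_dirs "$base/victim/public_html"
echo "Attacker symlinks escaping their root:"
escaping_symlinks "$base/attacker/public_html"
harden_account "$base/victim/public_html"
echo "Victim exposures after: $(exposure_count "$base/victim/public_html")"
rm -rf "$base"
```

On a real account run exposed_configs and world_writable_dirs against your own public_html first and read the list before calling harden_account; a 0400 config on a server where PHP runs as nobody is exactly the case the caveat in point 1 warns about.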


Sunday, 02 December 2012

XUS PC Lock v.4.1.68 - Desktop Lock Application




XUS PC Lock offers a new and fun way to lock your computer. Before using XUS PC Lock you define your lock pattern. The next time you see the lock screen, trace that pattern with the mouse and your computer unlocks.

Any other pattern, or the same points in a different order, will not unlock the computer. XUS PC Lock can lock the whole computer. It is the most feature-rich computer lock application available today, with lots of customization options, and it lets you pick custom images for the lock screen.

XUS PC Lock can auto-lock the computer at Windows startup and after a period of inactivity. It also lets you set an alert mode that triggers when an incorrect pattern is entered a set number of times. If you want to lock your computer the way a touchscreen smartphone locks, try XUS PC Lock. It is really awesome!

Features:

* A new and fun way to lock your computer.
* Supports multiple monitors.
* Anti key-logger: XUS Dynamic Password Technology makes your computer more secure.
* The funniest, most customizable way to lock your computer!
* Three built-in pattern grids to choose from: 3x3, 4x4 and 5x5.
* Locking and unlocking animation effects.
* Can disconnect Internet access while the system is locked.
* Pattern backup feature.
* Auto-lock the computer at Windows startup or when idle.
* Set a timer to turn off the monitor automatically.
* Show the time and date on the locked screen.
* Gives your computer a Windows 8-style lock screen.
* Alert when an incorrect pattern is entered a set number of times. Completely customizable.
* Custom background image, and lots of customization options for the look of the locked screen.



 What is the default lock pattern?


Unlock the computer with these steps:

1. Press the mouse button at the start point (do not release it)
2. Move the mouse to draw the unlock pattern
3. Release the mouse button at the end point to confirm

Download XUS PC Lock v.4.1.68 + Keygen

RAR password: rajakadal

Thursday, 01 November 2012

XUS PC Lock Ultimate 3.3.6 + Keygen



XUS PC Lock is a desktop lock application whose key is a pattern you draw yourself. The lock feature commonly found on the iPad can now be tried on your own desktop PC or laptop.

Download the file here

If you can't download it, join the WarLes Facebook group first

Wednesday, 31 October 2012

Prevent Bandwidth-Stealing Hotlinks via cPanel

Ever seen this on your website?


That may be normal if your site's traffic really is heavy, but if you suspect unusual activity that makes your bandwidth usage balloon, it may be time to revisit the hotlink settings in cPanel.

Bandwidth Limit Exceeded is usually caused by lots of images from our site being embedded on other websites, which uses up our hosting bandwidth. You can protect against this as follows:

1. Log in to your site's cPanel, look under the Security section, then click Hotlink Protection.


2. Enable the Hotlink Protection feature.


3. Enter the required data (see the example below): the URLs allowed to embed your files (your own domain with and without www, plus any subdomains that show your images), the file extensions to protect (jpg, jpeg, gif, png, bmp), and whether direct requests are allowed. Leave direct requests allowed, otherwise visitors whose browser or proxy sends no Referer header see no images at all.


4. Don't forget to prepare the page for "redirect request to this URL". You can make your own or redirect to another site such as google.com. A redirect to an HTML page simply shows up as a broken image on the hotlinking site; if you point it at a small image of your own instead, that image must not match the protected extensions or the redirect loops.

5. Click Submit to finish the hotlink protection settings.

Done. Hopefully this tip helps you deal with an abnormal Bandwidth Limit Exceeded problem.

Adding .htaccess Lines to Joomla


Using mod_rewrite is also important for securing your Joomla website. If your hosting server does not yet support mod_rewrite, or you need it enabled on the server side, it is best to contact your hosting provider's support.

If you do not yet have a .htaccess file in your Joomla site's root folder, rename the htaccess.txt that ships with Joomla to .htaccess, then add the following code at the very bottom:

#### @RS
# Prevent the most common SQL injections: a query string matching any of these
# three patterns gets a 403 (the F flag). Matching is case-insensitive (NC) and
# runs on the raw, still URL-encoded query string.
RewriteCond %{QUERY_STRING} concat.*\( [NC,OR]
RewriteCond %{QUERY_STRING} union.*select.*\( [NC,OR]
RewriteCond %{QUERY_STRING} union.*all.*select [NC]
RewriteRule ^(.*)$ index.php [F,L]
#### @RS

#### @RS
# Block the most common hacking tools by User-Agent. "deny from env=" is
# Apache 2.2 syntax; on 2.4 it needs mod_access_compat or a Require block.
SetEnvIf User-Agent "Indy Library" stayout=1
SetEnvIf User-Agent "libwww-perl" stayout=1
SetEnvIf User-Agent "Wget" stayout=1
deny from env=stayout
#### @RS


#### @RS
# Deny direct access to .php, .ini and .xml files that exist on disk inside the
# framework directories (the conditions from the third line on are OR-ed
# together, then AND-ed with the first two) and answer 404 instead of serving
# or executing them.
RewriteCond %{REQUEST_FILENAME} -f
RewriteCond %{REQUEST_URI} \.php|\.ini|\.xml [NC]
#RewriteCond %{REQUEST_URI} \/components\/ [OR]
RewriteCond %{REQUEST_URI} ^\/includes\/|^\/administrator\/includes\/ [OR]
RewriteCond %{REQUEST_URI} \/language\/ [OR]
RewriteCond %{REQUEST_URI} \/libraries\/ [OR]
#RewriteCond %{REQUEST_URI} \/modules\/ [OR]
RewriteCond %{REQUEST_URI} \/plugins\/ [OR]
#RewriteCond %{REQUEST_URI} \/templates\/ [OR]
RewriteCond %{REQUEST_URI} \/xmlrpc\/
RewriteRule ^(.*)$ index.php [R=404,L]
#### @RS
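To see what the three SQL-injection patterns above actually catch, here is an added example (my own, not part of the original post or of Joomla): a POSIX shell script that applies the same regexes, case-insensitively, to raw query strings the way mod_rewrite sees them, i.e. before URL decoding. The query strings are constructed samples; the point they make is which payloads pass.

```shell
#!/bin/sh
# Added example, not from the original post: run the three "SQL-Injection"
# patterns from the .htaccess above against raw query strings, exactly as
# mod_rewrite matches them (case-insensitive, on the still-URL-encoded query
# string), to see what they stop and what walks straight past them.
# The query strings are constructed samples, not requests from any real site.

# Returns 0 when the rules would answer 403 for QUERY_STRING, 1 when it passes.
sqli_rules_block() {
    printf '%s' "$1" | grep -qiE 'concat.*\(|union.*select.*\(|union.*all.*select'
}

# Label each sample query string with the rules' verdict.
sqli_rules_demo() {
    for q in "$@"; do
        if sqli_rules_block "$q"; then
            printf '403  %s\n' "$q"
        else
            printf 'PASS %s\n' "$q"
        fi
    done
}

# Caught: the textbook forms. Passed: no "all" and no "(" in a plain UNION
# SELECT, one URL-encoded letter in UNION, and parentheses sent as %28 %29.
sqli_rules_demo \
    'id=1 UNION ALL SELECT 1,2,3' \
    'id=1 AND concat(user(),0x3a,version())' \
    'id=1 UNION/**/ALL/**/SELECT 1,2,3' \
    'id=1 UNION SELECT 1,2,3' \
    'id=1 %55NION ALL SELECT 1,2,3' \
    'id=1 AND concat%28user%28%29%2C0x3a%29'
```

The last three samples are all valid once the server decodes them, and all three pass, which is why these rules count as a speed bump for scanners, not as input validation.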

Hopefully this article serves as a basic guide to securing your Joomla-based site. Keep in mind that these filters are only a thin extra layer: the SQL patterns are easy to get around (they match the raw, undecoded query string, and a plain UNION SELECT without parentheses is not matched at all), and the User-Agent block only stops tools that do not change their User-Agent string. Keep Joomla and its extensions updated and fix injectable code rather than relying on these rules.