Editorial Team
Asked: May 28, 2026

Although my site is still far from done, I’ve started thinking about web security.


Although my site is still far from done, I’ve started thinking about web security. This site will be extremely public and contain important information people assume is true, that I wouldn’t want hijacked. It’d be a disaster if this site got hacked, so I started thinking of some ways to protect it, or fight back.

Everything has been made with dynamic HTML through PHP, except for error messages, which use JavaScript popup alerts triggered by PHP cookies. There are textbox forms and dropdown boxes, all encased with htmlentities to prevent code from being run.

So I started thinking, “what are the ways that my site’s security could be compromised, what weapons of choice do hackers use?”

  • I know about changing the source code of the site with tools like Firebug or Chrome for themselves, but that shouldn’t matter because I use PHP, and I’m more worried about what EVERYONE sees.

  • They can use JavaScript injections

  • They could submit code to execute to the forms

  • They could DDoS the site, which would crash it and to which I don’t know of any defense. But I really don’t think I’d be dealing with an entire faceless group of internet megaterrorists.

  • They could change the HTML of email submission forms to get my password sent to me (them).

  • They could brute-force my password for the server/FTP, but I use strong passwords by using all types of characters on a US keyboard.

So what are the ways I can protect my site from being hacked? What are all the ways (or general tactics and categories) that hackers choose to destroy or exploit sites?

Are any of the things from the list of defense traps a good or possible idea??

1 Answer

  1. Editorial Team
    Added an answer on May 28, 2026 at 3:07 pm

    First things first, security is a huge area, way too broad for a SO question, but I’ll try to address one or two of the things you mentioned.

    Firstly, I believe you’re underestimating the ingenuity and danger of some of the attacks which applications are exposed to on the internet these days. The items you mention do cover a few of the more common and well known attacks but you can’t simply explain how you’re mitigating those few and be satisfied that your site will be safe. If you expect attention from hackers on your site (and even if you don’t), you should be coding with security in mind from the very start. I’m not even going to try and go into detail on that statement here, as it’s the subject of several books, suffice to say that the items you mentioned don’t even begin to cover anything like the amount of attacks that are out there.

    As for all the ‘traps’, clever as they are, I wouldn’t bother. Most variations on the ‘security by obscurity’ idea are generally wasted effort – an attacker will generally have ways of finding the traps before they’re tripped, or even avoiding them entirely. At best, you’d catch them once, then they simply use the same attack to get in again and the second time they don’t make the same mistake. All the difficulty of coding the traps, and having to go through annoying routines to log in as a legitimate user for no real gain in security.

    Finally, I think you should focus less on brute forcing, and more on the attacks that are based on exploiting vulnerabilities in your actual code, database structure, server solution, etc. Sure, implement your idea that blocks logins for a while after x failed attempts, but in reality the correct security solution here is having passwords that would take a prohibitively long time to brute force and making sure they aren’t shared with anyone or (heaven forbid) stored in plain text on the database.

    Those are just a few thoughts, anyway. I’d recommend picking up a book on the subject, as it’s far too wide an area to explain in an answer here, and I don’t have the expertise to do so at any rate.

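The two measures the answer above mentions, a temporary block after x failed logins and passwords that are never stored in plain text, sketched in PHP as an added example (not code from the question or the answer). The arrays stand in for database tables; the names `register_user` and `attempt_login`, the limit of 5 failures and the 15-minute window are assumptions.

```php
<?php
// Added example: in-memory arrays stand in for database tables (constructed data).
const MAX_FAILURES = 5;      // the answer's "x failed attempts" (assumed value)
const LOCKOUT_SECONDS = 900; // "for a while" (assumed value)

/** Store only a salted, deliberately slow hash, never the plain-text password. */
function register_user(array &$users, string $name, string $password): void
{
    $users[$name] = password_hash($password, PASSWORD_DEFAULT);
}

/**
 * Returns 'ok', 'denied' or 'locked'.
 * $failures maps user name => [failure count, time of last failure].
 */
function attempt_login(array $users, array &$failures, string $name, string $password, int $now): string
{
    [$count, $last] = $failures[$name] ?? [0, 0];
    if ($count >= MAX_FAILURES) {
        if ($now - $last < LOCKOUT_SECONDS) {
            return 'locked'; // refuse before checking the password at all
        }
        $count = 0; // lockout window has passed, start counting again
    }
    // Unknown names are verified against a dummy hash so response time
    // does not reveal which accounts exist.
    static $dummy = null;
    $dummy ??= password_hash('dummy', PASSWORD_DEFAULT);
    $known = isset($users[$name]);
    $matches = password_verify($password, $known ? $users[$name] : $dummy);
    if ($known && $matches) {
        unset($failures[$name]); // success clears the counter
        return 'ok';
    }
    $failures[$name] = [$count + 1, $now];
    return 'denied';
}

// Constructed demo: six wrong guesses, then the right password during and after lockout.
$users = [];
$failures = [];
$secret = 'correct horse battery staple';
register_user($users, 'alice', $secret);
for ($i = 1; $i <= 6; $i++) {
    echo "wrong guess $i: ", attempt_login($users, $failures, 'alice', "guess$i", 1000 + $i), "\n";
}
echo "right password, during lockout: ", attempt_login($users, $failures, 'alice', $secret, 1010), "\n";
echo "right password, after lockout: ", attempt_login($users, $failures, 'alice', $secret, 1905), "\n";
```

Locking per account name also lets anyone lock a known user out by guessing repeatedly, which is one reason the answer treats the throttle as secondary to strong, properly hashed passwords.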
