Learning to fight the enemies of your site....
Friday, October 05 2007 @ 01:47 AM EDT
Contributed by: aj
You know, I'm a pretty even-tempered guy. But when a bunch of Russian thugs attack my site with their constant barrage of spambots and then, ultimately, send out solicitations on the chat panels to our users to send their email addresses in to the spammer so he'll stop spamming you, then that does it for me.
I took some actions that put the offending spammer, along with an entire continent, out of reach of the IAmAWitch.Com domains.
While I won't go into the specifics of my own actions with regard to site security, I can state that with enough research and care attending to your logs, you can protect your website with a layered security approach that, while not perfect, sure will discourage many a spammer or hacker from attacking your site.
The thing here to realize is that these folks can spend a lot of time learning to overcome your defenses, but if you take appropriate steps and keep up with the latest techniques and countermeasures, yours could be the site that is free of problems and rich in remaining bandwidth.
Here are some best practices to use on your Pagan site when it comes to locking it down and protecting it (in relative order of importance):
- Back up your site and download the backup to your PC or removable hard drive/media.
- Use the security tools your provider often includes as part of your package.
- Learn how your portal software works and customize it to be "non-standard" with user registrations.
- Don't depend on CAPTCHA or other automated systems alone. Queue up new user requests and make your prospective users answer questions that force them to interact with you.
- If using PHP for your site software, use Bad-Behavior to stop the bulk of spambots from hitting your site.
- If form spammers are trying to hit your back-end code, lock it down with security checks on where the request's referrer is coming from, and only allow your own domain to submit forms to the back-end handler.
- Use client-side JavaScript to validate forms and do rudimentary security before the submission ever takes place.
- Add software to scan for SQL injection attacks in the appropriate places of your site architecture.
- Keep your site updated with security patches and regularly scan your site logs for trends.
- Use your .htaccess file to block the worst offenders and set rules that scan for harmful strings or combinations of strings.
- Don't waste time responding to attackers' provocations via email. Instead, learn what they have to teach you and then defeat them quietly and without fanfare.
- Decide who your audience is and use geo-IP software and custom techniques to block entire portions of the IPv4 address space. If the hacker (or a country known for hacking activity) cannot reach the site, they cannot hack it.
- Finally, install listings of bad email addresses for the spammer's systems to find. You can also install honey pots to track and participate with other site owners in large groups to fight back and wrest control of your bandwidth and security back to your side of the fence.
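As an added example (not the author's own setup, which the post does not describe), here is one way to combine three items from the list: scan the access log, count form submissions whose referrer is missing or off-site, and turn the worst offenders into .htaccess rules. The hostname, handler paths, threshold and log lines are constructed assumptions, and the output uses Apache 2.4 `Require` syntax.

```python
import re
from collections import Counter
from urllib.parse import urlparse

OWN_HOST = "www.example.org"                  # assumption: your site's hostname
FORM_PATHS = ("/comment.php", "/users.php")   # assumption: your back-end form handlers
THRESHOLD = 3                                 # assumption: off-site POSTs before blocking

# Apache "combined" log format: ip, identity, user, time, request, status, size, referer, agent
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"'
)

# Constructed sample lines using documentation-range addresses, not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [05/Oct/2007:01:02:03 -0400] "POST /comment.php HTTP/1.1" 200 512 "-" "Mozilla/4.0"
203.0.113.7 - - [05/Oct/2007:01:02:04 -0400] "POST /comment.php?sid=1 HTTP/1.1" 200 512 "-" "Mozilla/4.0"
203.0.113.7 - - [05/Oct/2007:01:02:05 -0400] "POST /users.php HTTP/1.1" 200 498 "http://spam.example.net/" "Mozilla/4.0"
198.51.100.20 - - [05/Oct/2007:01:05:00 -0400] "GET /article.php HTTP/1.1" 200 9001 "-" "Mozilla/5.0"
198.51.100.20 - - [05/Oct/2007:01:06:10 -0400] "POST /comment.php HTTP/1.1" 200 530 "http://www.example.org/article.php?story=1" "Mozilla/5.0"
192.0.2.44 - - [05/Oct/2007:01:09:00 -0400] "POST /comment.php HTTP/1.1" 200 512 "http://other.example.com/x" "Mozilla/4.0"
this line is malformed and is skipped
"""

def offsite_form_posts(log_text):
    """Count, per IP, POSTs to form handlers whose Referer is missing or not our host."""
    hits = Counter()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        if m["path"].split("?", 1)[0] not in FORM_PATHS:
            continue
        if urlparse(m["referer"]).hostname != OWN_HOST:
            hits[m["ip"]] += 1
    return hits

def deny_rules(hits, threshold=THRESHOLD):
    """Render an Apache 2.4 <RequireAll> block denying IPs at or above the threshold."""
    worst = sorted(ip for ip, n in hits.items() if n >= threshold)
    if not worst:
        return []
    body = [f"    Require not ip {ip}" for ip in worst]
    return ["<RequireAll>", "    Require all granted", *body, "</RequireAll>"]

if __name__ == "__main__":
    print("\n".join(deny_rules(offsite_form_posts(SAMPLE_LOG))))
```

The Referer header is supplied by the client, so a mismatch here is a signal for spotting bulk bots in the logs, not proof on its own; review the counts before pasting the generated block into .htaccess.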
This takes work. If you aren't sure how to do some of this, then find someone who can set up the more important elements and then take the time to learn what it takes to really secure your site. You'll be the better for it! Feel free to comment!
AJ
CodeOfIsis.Com
http://codeofisis.iamawitch.net/site/article.php?story=20071005014730454