Well, at least 3 times a week i read about sites getting hacked, and i read every time the same
questions like "Did you install all bugfixes", "Do you have a secure password"
Yes we have!But why is my site being hacked even if i did all the fixes etc?Because you can do more!I won't discuss server related things here, because most of you don't have root access to your server,
but some simple thing's you
can do will do the job
Here we go:
Step ONE to a more secure siteGettin' rid of the yoursite.com/admin directory1. Make a new folder in your 4images and called it something like "
87cfgh77FG1F0C"
2.
Move all your files from your admin folder into the new folder you created
3. Insert an empty "index.html" file in your admin folder
4. Open now yoursite.com/87cfgh77FG1F0C/admin_global.php and search for:
include(ROOT_PATH.'admin2/admin_functions.php');
and replace "admin" with the name of your new folder
5. Save it.
6. You do the same modification in all files located in your former admin directory, wich include path to "admin"
7. Search google for "htaccess" and put an extra login to your new folder
------------
Now your admin area is securet twice, first with the new name of the admin folder, and second, with the additional login (using the htaccess)
DONT change your other php files to use direct links to that new folder. You have to manually enter the admin area with an bookmark, and
for example search for the image you want to modify. No direct link from your homepage anymore - witch makes it more difficult to administrate, but more secure.
Again, i can tell you how to directly link for example "edit image"/"delete image" to that new folder, but the changes we've made would have no effect.
TIP: If you want to edit something, simply copy the adress and replace "admin" with the name of your new folder.
Step TWO to a more secure siteBecause you wife's name isn't hard to guessDon't use ever normal passwords like "qwerty", "sexy69" or "paaasword" - You really don't know how smart current hackers are. There are so many ways
to hack or even guess such a password. Use password's like:
ab2j87ffe
c4v5hh7k
and so on. I know, it's hard to remember. But after 3-4 days you will remember the password.
Step THREE to a more secure siteTrojan horses and 4imagesNEVER login into your 4images site from:
- public computers (most of them have keyloggers installed)
- your friend's computer (trust no one!)
Use only your own PC if possible. And when you use it, make sure you have a
good anti virus program installed (kaspersky, norton).
Trojan horses are one of the top reasons sites get hacked! Someone mails you an "greeting card", and you open it because you're curious,
and that's it - a trojan horse on your computer. It mails now all passwords, onlinebanking details, EVERYTHING to the hacker!
So please be sure you use
an every day updated anti virus program! This is VERY important!
Well that's it for now - i can assure you, that following those 3 steps will make your site 90% more secure!If you have any questons please write in this thread, don't write me PM's about that topic.
Greetings,
George