Need Advice on securing my Website

Discussion in 'Support Questions' started by LebArena, Jun 4, 2011.

  1. LebArena Member

    Dear all,

    First I hope this is the right place to post this lol
    Secondly, I am currently developing (not me I'm paying someone who knows what he's doing) a debate website for the youth of my country, #Lebanon. The site is still hosted on a temporary cheap server. I am planning to launch it soon, and I know it will be targeted by cyber warriors of the Hizbullah Organisation and other hackers paid by the Syrian Government.

    I need advice on the steps I need to take to make sure I secure my Website the most (hosting recommendations, programs and firewalls to protect the site, a check list of some sort...) I trust my techie, but if he's getting paid to do a job then he'll definitely leave out many things unchecked and wrap up the job. Also since he's in Beirut and I'm in DC, I can't always understand what the heck his responses to my concerns are, it's like he's talking gibberish on the phone.

    NB: I am a lawyer of profession, but consider myself a little techie geek(for my standards), but even my own threshold has become obsolete and I need to raise the bar of my knowledge. I'd appreciate any advice on how to start and where to start to teach myself on how to be a better programmer... It is the future and I find it unacceptable to continue being an illiterate in the programming language.

    Thank you for your help.
    • Like Like x 1
  2. Anonymous Member

    • Like Like x 1
  3. hushpuppy Member

    Sounds like a promising initiative.
    I'm tech useless myself; hope you get some help from some of the techies here.
  4. Anonymous Member

  5. Thre3 Member

    I stumbled upon this and would love to help...but i'm not sure how to better secure sites on servers
  6. Ogsonofgroo Member

    If need be join eXtremeTech or Major Geek's sites and ask there, also, google is your friend, try 'securing servers' etc., it does come down to basically having a good firewall set up and running properly imho.
  7. Google Member

    So you need to secure a server ? Fine. First you'll need to audit it, to do so you can use a wide collection of tools for the server side, you'll need nikto, backtrack, katana and alikes, the last two are linux distribution designed for pentesting, you'll also have to read a lot, I warmly advise to use metasploit to determine ways to correct any flaw detected. If you server is a web server you should enable HTTPS at least, take care of the encryption method if you're using SSL or TSL. Another must is to secure the network, so check your gateway also, only open necessary ports, and never install exploitable softwares or out dated software.
    To finish a good old moto, using a server is like sex, always safe, always best. ;-)
    • Like Like x 2
  8. A little knowledge is a dangerous thing!
  9. moarxenu Member

    Ahlan wa sahlan!
  10. Anonymous Member

    Begin with a list of what exactly you want to protect your server against. What services do you plan to run on your server? HTTP? HTTPS? POP3/SMTP? IRC? Anything else? Find out what services exactly you need and which port(s) they run on. Do you need protection against SQL insertion attacks? And so on and so forth, I don't like writing a sermon here.

    For firewalls here is an old but still very useful FAQ, which is mainly designed for home users, but has some useful information foe seasoned professionals as well:
  11. Anonymous Member

    The OP is sadly long gone - that was his first and only post to WWP :(
  12. SwordofTruth Member

    I'd advise you to contact HBgary.
  13. LebArena Member

    Hmm, so I paid an acquaintance to make me the website, he did half the job and got paid half the money for it (an enormous 1G for what turned to be a wordpress customized template with some minor coding) - So I asked another acquaintance to finish the rest and move the site to new servers... Still waiting for him since July pffft (when he found out the motif of the site, and since he has different political ideas, he's stalling)... So I went ahead and launched the pages that were ready, got hacked after a week of launching - my site was defaced and had a big 0wned! on its main page (suspecting an inside job from one of the 2 lovely guys I worked with) but I really dnt care at this stage.
    Right now blogging from a free wordpress template while my main idea is in limbo. Moral of the Story: Ignorance sucks, I will follow the advices and material posted here maybe I can salvage something, and in any case, be better informed for the future. Thanks guys for your help.
  14. Anonymous Member

    I smell both honest human and spy.

    I smell Chinese food.

    I do not believe WWP is the proper place to enquire about secured web services.

    Nom nom nom Chinese food roxors
  15. LebArena Member

    I'm srry...I didn't know where else to go, and I just googled "Anonymous forums" and WWP was the most friendly looking place - the other forums where more like a Jack Sparrow den lol Back when I first posted here I was afraid I'd cause my own project to fail by posting in a not so secure forum. Anyways, again, 4 months later, I was proven wrong - it didn't matter where I posted, unless you do the job yourself, you're never 100% safe ...
  16. Anonymous Member

    Trust nobody.

    Nice to see you again tho bro. You good?
  17. Anonymous Member

    Google: computer security forum. You'll get 24,000,000 options.
  18. Anonymous Member

    cover server in swamp mud, can't be seen
  19. LebArena Member

    lol, will do.

Share This Page

Customize Theme Colors


Choose a color via Color picker or click the predefined style names!

Primary Color :

Secondary Color :
Predefined Skins