Elxis CMS Forum

Support => Security => Topic started by: Superman859 on May 24, 2007, 21:28:46

Title: Setting Defender Properly
Post by: Superman859 on May 24, 2007, 21:28:46
I'm new to security issues, but I would like to make sure my installation is as secure as possible.

I understand what SQL injections are, but as this is my first time working to prevent them, I just seek a little guidance.

I can enable defender, but it says it is useless without filters. What exactly do the filters do when you add them? Anytime SQL code is executed, is it searched to make sure none of the words from the filter list are part of user input?

While I may not fully understand how it works, I would like to make sure that it is set up correctly.  Should I add all the example filters to the list?  Or should I add the red ones?  Or are those merely examples and I shouldn't just go by those?

Being new to this, I'd like some ideas on which filters to use to make the server much more secure, but it's difficult to know on my own as I do not have all the needed knowledge yet.

--

On a side note, I have initially done the red ones as I thought they were more important. One of them is mosConfig_. However, this gives errors when I don't think it should. For example, I had defender enabled with that filter and went to Language Manager. I opened a language file and looked at it. It was unwriteable (I was just looking anyways), so I clicked cancel. The result? Elxis Defender - Request Dropped

So, I'm not sure what I'm doing wrong, but I had to remove that filter.
Title: Re: Setting Defender Properly
Post by: Ivan Trebješanin on May 24, 2007, 22:40:52
Don't be overworried, Elxis is very safe, even without defender... However, it is better to have it on. You can add all the filters in the list, but be advised that this would slow down Elxis. Use up to 15 max. I personally rely more on server security settings, such as hotlink protection, .htaccess, etc. Anyway, NOTHING can be fully secured. If a man thinks of some way of protection, another will find a way to overcome it. I'm not saying it's useless to defend yourself. But I consider it an honour if someone spends hours to deface my site, because it means my site is important. ;) Some call it marketing strategy. Relax, man, but keep security as high as you can.
Title: Re: Setting Defender Properly
Post by: datahell on May 25, 2007, 00:00:03
Till now we have zero (0) hacked Elxis sites. This doesn't mean that Elxis is un-hackable but that we have taken the security issue very seriously. Elxis defender is an extra measure that you can take if you feel more secure with it. I personally use it in all my sites as an extra protection level. As for the filters: use the SQL related ones like UNION, JOIN, BENCHMARK etc. These are the most important and the most frequently used in exploits. Don't use too many because they will slow down your site. It is not wise to speak in public about what filters to use because no one must know your filters! There are so many ways you can trick mysql (i.e. by adding comments...) that all the filters can be bypassed by an advanced hacker. So:
1. There is no absolute security but you can have a high level of security
2. Use custom filters in Elxis defender
3. Enable flood protection if you have automatic scans on your site (you can see it from your apache logs)
4. Secure your server and your php installation
5. Don't use insecure third party software
6. Disable whatever you don't use.
7. Set permissions wisely.
8. Backup your site and DB frequently
9. Update your site whenever an update is available
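
The following is an added example, not part of the thread and not Elxis Defender's code. It models a generic request keyword filter under the assumption that a request is dropped when any parameter contains a listed word, and shows both the kind of false positive described in the first post and why a bound query parameter does not depend on the word list. The filter list, field names, table and sample requests are all constructed for illustration.

```python
import sqlite3

# Hypothetical filter list: the SQL words named in the thread plus the
# "mosConfig_" filter from the first post. Matching is case-insensitive.
FILTERS = ["union", "join", "benchmark", "mosconfig_"]

def check_request(params, filters=FILTERS):
    """Return (field, word) for the first parameter that trips a filter,
    or None if the request would pass."""
    for field, value in params.items():
        lowered = str(value).lower()
        for word in filters:
            if word in lowered:
                return (field, word)
    return None

def find_user(conn, name):
    """Parameterized lookup: the value is bound as data, never parsed as SQL."""
    return conn.execute(
        "SELECT id, name FROM users WHERE name = ?", (name,)
    ).fetchall()

def demo():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO users (name) VALUES (?)", [("alice",), ("bob",)])

    # Constructed sample requests (field names are assumptions).
    requests = {
        # A form that posts back file text containing a config variable name.
        "language_cancel": {"task": "cancel",
                            "filecontent": "$path = $mosConfig_absolute_path;"},
        # Ordinary prose that happens to contain two filtered words.
        "forum_post": {"body": "Join us at the student union on Friday"},
        "search": {"q": "alice"},
        # Textbook test string with no filtered word in it.
        "odd_search": {"q": "x' OR '1'='1"},
    }
    verdicts = {name: check_request(p) for name, p in requests.items()}
    # The filter passes odd_search, but the bound parameter is compared as a
    # literal name, so the query matches no row.
    rows = find_user(conn, requests["odd_search"]["q"])
    return verdicts, rows

if __name__ == "__main__":
    verdicts, rows = demo()
    for name, verdict in verdicts.items():
        print(name, "->", "dropped %r" % (verdict,) if verdict else "passed")
    print("rows for odd_search:", rows)
```

The two dropped requests are legitimate traffic, and the one unusual value the list does not cover is handled safely by the bound parameter rather than by the filter.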