3 Steps to Secure your Site
I recently experienced a sql injection attack on one of my sites. The hackers were able to gain entry to the admin control panel by tricking one of the scripts into revealing the hashed password which they could then crack and use. The script author quickly figured out and patched the entry point but this got me to thinking about common sense things that we might be able to do to protect our database driven sites, things that would require no serious knowledge of PHP or scripting.
Just because this exploit was patched does not mean that another one will not be found. What if there were steps you could take so that a hacker could not gain access even if they had your username and password. Towards that objective I offer you this list.
Remove the login link:
The first thing I did was to remove the login link from all the web pages. I as the admin am the only person who needs to visit that page. A login link is convenient to use; but why invite the merely curious by providing a link to the login page. Most scripts make this removal an easy process as it is usually located in the header, the navigation menu or the footer. By removing one hyper-link from one place, you can eliminate it from the site pages. You will still be able to load the page by entering yoursite.com/login.php or whatever the link was named or becomes. This is the first mall step.
Rename the login script:
The single biggest change you can make is to rename the login script to some random filename.php. Seven or eight random alpha-numeric characters and add .php. As an example only: Xblktqp89.php. Now we have some real security. Even if the hacker knows your login name and password he can't login if he can not find the login script. Of course it is good preventive medicine to take a look at your logs on a regular basis and see if someone is trying random file names. This file should also be renamed on a periodic basis. All you have to do is remember what you named it. This has worked with all that I have tested it on. The only time an error will result is if you fail to enter the proper identification and the login script attempts to reload itself. That issue could be resolved but I want to keep this simple so that anyone can do it.
Change the Username and Password:
The final step is to change both your username and password to something you have never used anywhere else because you may have already been hacked and they just haven't gotten to you yet. Most scripts allow you to this from the admin control panel and some only allow you to change the password. If your script does not allow for changing the login name then you will need to do it via phpmyadmin.
The process is fairly simple as long as the user name is not hashed (encrypted). If it appears in plain text as in the example below then you are good to go. Login to phpmyadmin and select your database. When the tables are displayed in the left hand column (not shown) simply click on the browse icon beside the table which contains the login info. The table information will then be displayed as in the example below. In this example you will notice that neither the name nor the password is hashed because this is a script under development and I have not added that feature yet. The username and passwords have been edited for this for this example. When you have this screen up in your browser simply click on the pencil icon to edit the information.
That will bring up the edit screen. In this example below I have color coded the items you need to change. They are in red. Simply type in the new username and the new password (do not try to change a hashed password this way unless you know what you are doing) and click the GO button. You should then receive a confirmation screen that the values have been updated.
There you have it. Three simple steps that anyone can do that will help protect your database driven site.
This article was published January 11, 2009.