Back to Question Center
0

Semalt: Indlela yokuqinisekisa ukuba iSayithi lakho likhuselekile kwi-Hacker

1 answers:

Ukuchithwa kolwazi lomntu siqu ngumngeni okhulayo kubasebenzisi be-intanethi. IUlwazi lubandakanya imifanekiso engabonwayo, ulwazi lwekhadi lesikweletu, idata karhulumente, ii-ID kunye neephasiwedi. Oku kuthetha ukubaIhlabathi labaxhasi liye lalawula i-intanethi kuwo onke amanqanaba. I-Newbies ingase ingayiqondi indlela iiblogi zabo okanye iiwebhsayithi ezinokuthi zithathwe ngaphandleulwazi lwekhadi lesikweletu. Nangona kunjalo, abagculeli, banqwenela ukuguqula ii-nondescript kwiindawo ezinobungozi be-spy bots,ulwazi ngaphandle kolwazi lwakho. Ngaphezu koko, banokungena kwi-database yolwazi lwe-newbie kwaye baxhaphaze okanye bachithe idatha ebalulekileyo kwayeukufaka iikhonkco ezinobungozi okanye iseva yokubamba i-hijack.

Nazi iindlela ezilula ezibonelelwa nguMichael Brown, uMphathi weNtengo kaMthengi Semalt IiNkonzo zeDivithali, ungasebenzisa ukugcina abahlaseli kwibala:

  • Okuphambili, hlaziya zonke iifayile yakho. Umnini wesayithi makaqinisekise ukuba nayiphi na intoisofthiwe abayisebenzisayo isesikhathini kungakhathaliseki ukuba iiwebhusayithi zabo zadalwa ukusuka ekuqaleni okanye ngokwakha iwebhusayithi ye-DIY kumntu wesithathuyesikhulumi sekeykey. Ababoneleli be-CMS njengoJoomla kunye ne-WordPress bahlala bezama ukukhulula ukuhlaziywa rhoqo kunye neepatches, ezenza isofthiwe iphantsiekhuselekileyo kwiindawo. Ngaloo ndlela, qinisekisa ukuba ufake ii-updates kwaye usebenzise inguqu yakutshanje exhasa iwebhusayithi yakho yonke ixesha.
  • Okwesibini, yenza iziqulatho zokhuseleko kwiiwebhusayithi zakho..Nje ngokuba uhambai-antivirus ngaphambi kokuphequlula iwebhu kwikhompyutheni yakho, kufuneka ube nenkqubo yokukhusela, ekhonza njengeqhinga lokuqala lokuvikelangokuchasene nokuhlaselwa. Umzekelo, i-Web Application Firewall yinto efunekayo yokuzikhusela. Kuhloselwe ukuhlola i-traffic kunye nokhula ngaphandleisicelo esiyingozi kwaye ngoko ke ukukhusela ekuhlaselweni kwe-SPAM, i-SQL injections kunye ne-Cross Site Scripting.
  • Okwesithathu, tshintshela kwi-Hyper Text Transfer Protocol (HTTPs). HTTPsinkqubo enxibelelwano olukhuselekileyo esetyenziswe ekudluliseni umxholo onobukhulu phakathi kwiseva yewebhu kunye newebhusayithi. I protocol idibanisa i-SSL(I-Sockets Layers Layer) kunye ne-TLS (Ukhuseleko lweLoqo lwezothutho) kwi-HTTP yesiza ngokokugcina idatha yakho kunye nabasebenzisi ekuhlaselweni.
  • Ngokulandelayo, sebenzisa iiphasiwedi ezinamandla kwaye utshintshe rhoqo. Kukho ukwandaabahlaseli bamagorha abanobuqili abachanelayo ngokuchanekileyo amagama abasebenzisi kunye neephasiwedi ezidibeneyo. Ukusetyenziswa kweephasiwedi ezinamandla yindlela efanelekileyoyokunciphisa ukuhlaselwa kwesichazamazwi kunye namandla anonya. Ukongezelela, iiphasiwedi eziqinileyo, zibalulekileyo kumphathi, database kunye newebhusayithi yomncedisi.
  • Ekugqibeleni, yenza iirejista zokulawula zilukhuni ukubona. Hackers bafumana ukufikelelaulwazi lwewebsite ngokusebenzisa umthombo kunye nezikhokelo zokulawula izikhokelo. Bangasebenzisa izikripthi, ezikhangela zonke iirejista kwiwebhuumncedisi wemigqaliselo yokunikezela njenge 'login' okanye 'admin,' kwaye unqamise ukukhuselwa kwesiza sakho ngokungena kula mafolda. Ngaloo ndlela, qinisekisa ukubaukhethe amagama omnxeba omlawuli ongafanelekanga, owaziwayo kwiqela lakho lonjiniyela ukunciphisa ukuphulwa okungenzeka.

Ekugqibeleni, kwihlabathi lokhuseleko lwe-intanethi, nayiphi na iwebhsayithi ingahlaselwa. ImpumeleloUkuhlaselwa kuyingozi kumninimzi wedatha ngaphezu kokungcolisa ulwazi lomsebenzisi. Ngaphezu koko, ukuhlaselwa kungabangela iGoogle kunye nezinyeIinjongo zokukhangela kwi-intanethi yewebhu ukuphepha ukusasaza ulwazi olubi kwiwebhu. Hlala uhlala kwicala lokulumkisa.Yenza okungenani amanyathelo amathathu asemgangathweni anikwe apha kweli nqaku ukuphepha ukujoliswa kwabahlaseli.

November 28, 2017
Semalt: Indlela yokuqinisekisa ukuba iSayithi lakho likhuselekile kwi-Hacker
Reply