Objectives , types and methods of struggle
Competition is not always fair , especially in cases where there is a struggle for every customer . Many business owners and would- optimizers , besides normal use traditional ways to promote "black" methods that allow you to raise your website by others. Including - Attack on the site, which prevent them from getting into tops that take away their customers , etc.
Become a victim of the attack can completely random sites ; if you are trying to " bury" the entire server , or even an entire network , suffer all the resources that are placed there . Despite the fact that such actions are punishable , many attackers it does not stop .
Absolute protection against attacks on the site is not. If criminals will have a strong desire and a big budget , they did not stop . But you can minimize the risks . Just need to remember that no one is immune from this , and you always have to have a way to retreat .
Many webmasters forget that the vast majority of problems with sites occurs because the most simple things. Do not blame some mythical hackers and themselves. Inattentiveness , over-reliance on partners , neglect basic security measures - these are the main reasons leading to vulnerabilities . That is, it all comes down to the human factor .
Targets of attacks
In general , the following objectives:
- Production of information ( passwords , access to hidden areas of the site );
- Bringing the server inoperable ;
- Placing on the pages hidden links , viruses , etc. ;
- To gain full access to the server ;
- Lowering the position of the site in search engines , or its complete loss .
Attacks can also be divided into external and internal . Internal call everything associated with the unauthorized accessing sites or servers, external - those attempts that are achieved are not connected to this server methods , such as various types of spam or defamation .
If internal attacks can actively fight , the external things are somewhat more complicated. Although the influence of external factors is not so great , the owner of the attacked server can not control the situation, which puts him in a vulnerable position in crunch fight against spam.
types of attacks
Ddos
The most unpleasant kind of attacks, which leads to a complete stop server activity ( at least one ) . The worst part about it is that full protection from it is not. If the attack is powerful enough , the server will lie up until it stops.
Another characteristic feature of this kind of attack is its accessibility ; not need to be an expert hacker to "put" server competitors. Need money or owning or botnet. And for a small DDOS enough and just a few computers with internet - wide channel. Therefore, this kind of
"Ddos" translates as " distributed denial of service ." The essence of the attack is a huge number of requests to the server committed a large number of computers . Because it exceeded the permissible load is many times the server " crashes" . With most of the attacking computers are ordinary household desktops infected with trojans. The user is unaware that his attackers use . A network of infected computers called botnets . The more there is in the world of Internet users and lower qualifications (and it is very low in the total mass ... ) , the more computers will be involved in botnets and hence power attacks will grow. However, recent trends suggest a slowdown total power DDOS as hackers profitable direct efforts not to fight with competitors or ideological opponents , and immediate earning money by fraudulent means.
Power DDoS attacks is measured in the amount of traffic sent to a server in a second. With powerful attacks ( more than a few gigabytes per second) is extremely difficult to fight such volumes of traffic is almost impossible to filter. Services against such troubles are very expensive. Of course, powerful attacks can not last long , but simple daily large commercial website may lead to a serious loss of millions in losses and reputation.
Attacks are not only on individual computers , but also on the whole national network and the root dns server, which results in inaccessibility of Internet in entire regions .
As a precaution DDOS can recommend to host sites on a server that has a good supply of resources. If it will work on the limit , making a single attack or even just jump attendance lead to a fall , and if there is a reserve - then you will have time to take action . Make sure that the server was not " weak links " , ie those elements that first stop working when the load increases .
Universal automatic methods to counter DDoS no . Here it is necessary to use all the complex - a firewall , traffic filtering , the work of qualified professionals. Low efficiency of protection supported by the fact that DDoS subjected to even the largest sites - Microsoft LiveJournal , etc.
As simple methods against weak attacks can recommend:
- To give instead of the home page ( if the attack is on it ) page with a redirect . Since its size is much smaller , then the server load is much less; - If the number of connections from a single ip exceeds a certain number , enter it in the black list ;
- Reduce the number of clients (MaxClients), both connected to the server ;
- Block foreign traffic , as most attacks come from Asia ;
You need to have a separate independent channel to the server through which you can gain access to it in case of unavailability of the main . All server software should be regularly updated , to put all that went out patches .
Some sort of DDoS attacks can provoke or other search robots actively indexing site. If the engine is not optimized site , a large number of requests for pages in a short period of time will cause too high a load on the server .
Hacking servers and posting links or viruses
Many novice webmasters find hidden links to their sites only when these links have led to negative consequences - for example , blocking the site hoster , loss of search engines index , the application domain . Then it is found that the site was hacked , and it contains links or other resources to promote , or to spread viruses and trojans.
It is likely that hacking was done directly server hosting. But in most cases, these nasty sites fall through the holes in the engines of the site as a result of negligence or webmaster when stored passwords.
Hidden links are one of the popular search engines reasons sanctions , in particular, can be a significant pessimizatsiya ( drop all positions a few hundred points), get out of that would be extremely difficult . If inserted will not just links , and the virus code , the hoster can simply remove the site without warning. Resource and its ip address can also get into the black list of questionable (if not fraudulent ) office Spamhaus , which means the end , since it is practically impossible to come out .
Prevention is simple - watch for updates engines , install all new versions and out regular updates . And not just the passwords stored on your computer in the clear. The same applies to all server software .
Certain danger is predictable service names of folders and files . (Predictable Resource Location). Simple search by hacker determine their presence - and he will have an advantage. Here it is necessary to sacrifice comfort for the sake of security.
SQL- injection
Performance over an sql- query on another server , using vulnerabilities engines , imperfect code. The essence of security flaws is that GET- parameter can pass arbitrary sql- query. Therefore, all string values must be escaped (mysql_real_escape_string) and framing quotes.
Using an injection , an attacker can perform almost any action with the database - remove it to get access to user data and passwords , etc.
XSS
The essence of XSS- attacks is to introduce into the page that is generated by a script , arbitrary code. This works if the variable passed to the URL of the page is not checked for the presence of her characters such as quotes.
The main danger - stealing cookies, and therefore gain access to user accounts. Also, an attacker can obtain information on the visitor's system , the history of sites visited , etc. You can also introduce not only java- script , and a link to php- script hosted on an external server , which is much more dangerous.
At one time, this method was used in the "black " SEO for free links . Site owners is not much harm .
Spam website address and contact information
Method , by and large, harmless , but then again enters the above Spamhaus . Just one complaint and it 's ip may be blacklisted , and hosting company will be forced to refuse service . And send several hundred thousand letters with the address of any website is worth a penny . Spam can also be forums , comments, etc. , and is extremely difficult to prove that this was done by competitors .
Manipulation of behavioral factors
A new method based on the fact that behavioral factors ranking websites in search engines are located on the main roles . They can play both positive and negative role , and second by unscrupulous competitors .
If massive traffic , increasing failure rate, you can easily filter , the "real" visit could hurt , especially if the site will often go real people and leave with him immediately . Bounce rate is high , therefore, the position will fall. However, the effectiveness of the method is now low.
Comment spam and forum
Spammed sites or poorly ranked , or generally are banned by search engines. Consequently, if thoroughly throw website or forum comments with links, it will lead to a sharp decrease in traffic. To avoid this , you need to be carefully set up anti-spam system , and constantly moderate all new posts.
Bulk buying links to your site
In 99 % of cases , this method does not work, and even vice versa. The bottom line is that in a very short time a considerable amount of links leading to the site , and of extremely poor quality . Theoretically, the search engines , especially Google , must respond to this extremely negative and lower site extradition. In practice, such sanctions need so a lot of links that Index the right , and it is very expensive ; so often if ever fall , the time, and then - the rise as reference weight increased .
phishing
It's not quite attack on the site , but , nevertheless , phishing can cause serious damage to the reputation of the resource. Its essence lies in the fact that on another site , often with the same address, is located with a copy of your authorization form . Naturally , everyone who enters their data there , give their attackers . Such things happen in mailings , simulating normal distribution site. Just link it leads to a phishing site and often masked so that once and did not notice .
To deal with this is one way - seeing such a site , you should immediately contact your host on which it is placed, and the registrar of the domain. Such fraudulent sites usually quickly blocked .
