Securing Directory

Several hacking techniques may need an open directory to be accessed in order to hack a website. For example my friend Selena from Spain, her website just been hacked recently by someone and down for a while.

Her wp-includes directory is accessible easily without any security and maybe another directory she have also accessible and vulnerable. You can also check your site vulnerability by accessing this URL: http://www.your-site.com/wp-includes or http://www.your-site.com/wp-content/uploads.

Untitled

When you access that directory, you may see a page like the screenshot above. The question now is, how to securing that page?

If you asked me about it, i want to say if it is pretty simple. You can upload a file named index.php and put this code into it:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<meta http-equiv="REFRESH" content="0;url=http://www.your-website.com/"></HEAD>
<BODY>

</BODY>
</HTML>

Before you save the file, make sure if you already modify the content value into your website URL.

Once you done with it, you can upload the file via FTP to any vulnerable directory you have. This file will send the hacker into the URL you set at this file. So, there will be no longer vulnerable directory 🙂 .

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s