Website security system against hacking

Website security system against hacking

June 18, 2013

The multiplicity of hacking cases for websites, especially for Israeli sites, requires us as developers to think outside the box.

Fighting Hackers Consider a cat and mouse game. We are learning their methods, closing loopholes, and hackers will always find a new loop.

The reality is that there is no definitive way to prevent break-ins. Server hacking is done every day and a good and creative hacker will always find a break in the most expensive and sophisticated security mechanism.

However, all the breaks, from the simplest page replacement known as defacement, to the most sophisticated break leave a signature. Bottom line is the hacker’s goal is to break into one of two places:

1. File area for changing a file, adding malicious code, or deleting an important file

2. Information area. Database for retrieving information, changing information, adding links, etc.

No matter how hacked the hacker enters the server, its goal is always to reach one of the above two areas, and always remain a signature of the server hack.

At EOI, we use external security experts to objectively review the security systems we have set up. However, we have developed an alert and analysis system that scans hundreds of thousands of files in seconds and detects hacking attempts. The system will send an alert to our security manager as soon as such a hacking attempt is detected.

This way, we always know about each hacking as it happens, and can detect the hacking in the security mechanism that allows hackers to log in and handle the site.