Home › Forums › CSS › Website Hacking. I Have A Question › Re: Website Hacking. I Have A Question
I know servers can be hacked, but that is beyond my jurisdiction. My host will have to take care of that.
Well, I started searching about whether a static website could be hacked and I landed here: https://www.mavitunasecurity.com/
I downloaded their free website scanner. I installed it and entered my url. What the software does is to try to hack your website. It’s like penetration testing. The exercise lasted nearly an hour and I washed as the software was unleashing these attacks:
SQL Injection (Blind)
Local File Inclusion
Remote File Inclusion
HTTP Header Injection
Remote Code Evaluation
Web App Fingerprint
RoR Code Execution
on the website. I actually received about 300 junk emails from the software during the exercise. And I found out that the html5 ‘require’ was actually bypassed in some cases because I actually received an empty messages which shouldn’t have gone through ordinarily. After, the exercise, the website remained intact.
I guess the reason is because the form data actually will be sent to a gmail account and not to a database. I think gmail actually prevented the software from hacking the website.
Well, I am becoming more concerned now about web security. I will really like to learn how to tighten up websites and databases from malicious attackers.