- This topic is empty.
-
AuthorPosts
-
July 16, 2013 at 12:37 pm #46451CodeGraphicsParticipant
Please I want to know if a static website (no CMS, no Database, no registration form, no log in form, no file upload) could be hacked and defaced. If yes. What type of malicious attack is a static website vulnerable to and how can one prevent such attack. The static website however has a contact form that sends data to a gmail account.
July 16, 2013 at 12:52 pm #143148chrisburtonParticipantAlthough you can take steps to make it harder for hackers to gain access, no site is safe from intrusions. Since you stated that you have an input form, you might want to learn about common attacks and how to prevent them. @traq mentioned this in a similar discussion on the front page in the forums.
July 16, 2013 at 1:15 pm #143156SenffParticipantIf there is FTP access to the site/server, or Telnet or anything, files could be overwritten. Not sure if that should be called “hacking”, but it’s a way to deface a site.
July 16, 2013 at 1:22 pm #143158jurotekParticipantGood practice is to change passwords on regular basis in FTP and Cpanel. Few months ago someone got access to my htaccess and redirected our URL to several dozen of porn sites.
July 16, 2013 at 1:30 pm #143160AlenParticipant> however has a contact form that sends data to a gmail account.
!?
Are we talking about SPAM here? or are we talking about if someone can hijack the actual code and “hack” the website? what would be their motive? how is important customer info shared? how does that page relate to other pages in that directory? what are the permissions? security, hacking etc are loaded words, be more specific.
July 16, 2013 at 1:56 pm #143167CodeGraphicsParticipantI have a normal contact form with only three fields (Name, Email and Message). I set all of the three fields to html5 require. I used input type=”email” on the email field. I set maxlength of 40 to Name and Email input fields and 350 to Message textarea field. The contact form is located in the contact us page. When the form is filled and sent, the data will simply be sent to a gmail account and a thank you page will be echoed to the user.
This is the contact page: http://www.ctrlshiftstudios.com/contact
I want to know if the website as a static html website is still vulnerable to attcaks. If yes, what type of attack and how can I prevent it.
I am not talking about users using the contact form to spam my email. I am talking about hijacking the website and deface it. As for my cpanel password, it’s very strong and very hard to guess. I used a word in my native dialect (which is impossible to guess) with uppercase and three special characters like #^!
July 16, 2013 at 10:51 pm #143244CodeGraphicsParticipantHere is the script of my thank-you.php. I hope sharing this here is not risky.
if(isset($_POST)){
$to=”[email protected]”;
$subject=’Online Contact’;
$name=$_POST;
$email=$_POST;
$message=$_POST;
$body=”Name: $namen Email: $email n Message: $message”;
include (‘thanks.php’);
mail($to,$subject,$body);
}
else {
include (‘index.php’);
}
?>July 17, 2013 at 2:52 am #143263CodeGraphicsParticipantName: a
Email: [email protected]
Message: test
I think a static website cannot be hacked if the attacker doesn’t have access to one’s cpanel.
July 17, 2013 at 3:01 am #143265chrisburtonParticipantNot true.
July 17, 2013 at 3:09 am #143267Kitty GiraudelParticipant> Please I want to know if a static website (no CMS, no Database, no registration form, no log in form, no file upload) could be hacked and defaced. If yes. What type of malicious attack is a static website vulnerable to and how can one prevent such attack. The static website however has a contact form that sends data to a gmail account.
It really depends on what you mean by “hacked”. Your credentials for the hosting provider you use could be stolen, then the whole content of your website could be duplicated and erased.
July 17, 2013 at 3:56 am #143270CodeGraphicsParticipant> It really depends on what you mean by “hacked”. Your credentials for the hosting provider you use could be stolen, then the whole content of your website could be duplicated and erased.
Exactly what I mean. That means since my credentials could not be stolen, my cpanel will remain safe and thereby my website.
July 17, 2013 at 3:58 am #143271Kitty GiraudelParticipant> That means since my credentials could not be stolen
Wait… wat?
July 17, 2013 at 4:51 am #143248CodeGraphicsParticipantI know one’s password can be stolen. But I hardly click on links in spam mails to avoid been phished.
July 17, 2013 at 5:08 am #143250Kitty GiraudelParticipant> I know one’s password can be stolen. But I hardly click on links in spam mails to avoid been phished.
Haha, that’s so sweet. :)
July 17, 2013 at 5:13 am #143251chrisburtonParticipantServers can be hacked. Your site resides on a server.
-
AuthorPosts
- The forum ‘CSS’ is closed to new topics and replies.