CrawlTrack, webmaster dashboard.
Web analytic and SEO CrawlProtect, your website safety. Protection against hacking, spam and content theft Two php/MySQL scripts, free and easy to install
The tools you need to manage and keep control of your site. |
|
As a webmaster, one of your biggest fear is to discover one day that your website has been hacked. The risk to lose your data, your Google position and/or your customers is high if a hacker take the control of your website.
Sur you are carefull, you update regularly the scripts your are using and use sophisticated passwords. The PC you are using to upload your files is equipped with an uptodate antivirus, you never doing ftp transfer from a public PC. As a summary you are applying all the common sense rules to avoid hacking.
CrawlProtect do more, by blocking:
-some code injection attempts
-some SQL injection attempts
-some visits coming from crawler known as "Badbots" (crawlers used by hackers)
-some website copier
-some shell command execution attempts
As all protection system, CrawlProtect cannot garantee that your website will never be hacked, but it's a new wall that hackers need to pass if they want to hack your website.
Hacking of your site may have consequences more or less dramatic. The attacker can simply replace your homepage with a page that claimed his exploit.
The danger is that he has found a way to enter your site and nothing says that next time he will not do more damage.
Indeed it can also erase all your data, including in the most severe cases your databases.
But there are also hacks more pernicious, undetectable at first but infinitely more dangerous for your guests and yourself.
The attacker can add on your pages of malicious scripts that will either retrieve the data entered by your visitors either inject a virus on their PC . It can also add on your website pages that will serve as a trap by phishing. In the latter case, your criminal liability may be incurred.
CrawlProtect act at two levels, firstly with the htaccess file which will analyze incoming requests on your site and immediately blocked those that are recognized as hacking attempts (attempt to inject a script, attempts to inject a SQL query, query made by robots known as badbot, etc. ...).
The second level of protection depends on you, CrawlProtect offers an easy way to change in a few clicks the chmod of your file or folders to the most appropriate level.
A short explanation about chmod:
Chmod (short for change mode) is the command which allow to change access right on files and folders. It's a Unix command, it didn't exist on Windows. By abuse of language we use the term to describe the chmod permissions to a file or directory
The value associated with a chmod is mostly given by a 3 digits number:
-the first digit describe the rights for the owner of the file
-the second digit describe the rights for the group of the owner of the file
-the third digit is for all the other users (everybody in fact).
These digits values can be from 0 to 7:
-0 -----> no right
-4 -----> right to read
-5 -----> right to read and execute
-6 -----> right to read and write
-7 -----> right to read, execute and write
You realize immediately that if your directories are chmod 777, everyone has the right to read, execute, but also and especially to write them. You can also leave your door wide open hoping that nobody will rob you ...
CrawlProtect will propose you to put a chmod 555 for your folder, so nobody, even you, will have the right to write in it and so to add any malicious script.
You will have to switch back to 755 (to have for you and only you the right to write) to make modification on your site. It may be somewhat restrictive, but not that much given the ease of use of CrawlProtect.
For your files, it's the same principle but in that case CrawlProtect will propose chmod 444, and you will have to change to chmod 644 to make modification.
These chmod level (555 for folders and 444 for files) will give hard time to hackers and there is a good chance that they will try to thind an easiest target.
If you like CrawlProtect, you can participate to it's development on different ways:
-Speak of CrawlProtect around you, on your websites and blogs.
-Add a link to www.crawlprotect.com on your website, you can used that logo (thanks to download the image to display it from your site):
The title could be: "Website protected by CrawlProtect".
-Use CrawlProtect as a media to present your products and/or services. You will find all the informations needed.
The website protection script CrawlProtect is developed by Jean-Denis Brun. You can .
Enycu who regularly post on OVH forum and who is at the origin of most of the rules used in CrawlProtect .htaccess file.
copyright@2023 crawltrack.All rights reserved