How to Secure your Website from Hacker OMG

Hello mates..!!!

Today I thought I would share this method so that you can make your site secure from script kiddies!
As you all know, there are many web vulnerability scanners available on the internet that can scan any website for vulnerabilities. It is fashionable nowadays to scan a website with a web vulnerability scanner and, if any vulnerability is found, report it to the administrator for a bug bounty. I am not saying that this is wrong, but there is no guarantee that these kids will not harm your website. The fact is they can shell, hack or deface your website, or do other harm for their own profit.

Now, all the scanners have their own methods of scanning, but they send requests to your website with different user-agents. For example:
Acunetix, Nikto, Nessus and OpenVAS each use their own user-agent string containing their own name. So what can we do?
We can disallow the user-agent strings of these well-known scanners for our directories, i.e. if one of these user-agent strings appears in a request, the request will be rejected by our server.
You just need to add the code below to the .htaccess file in your web directory (generally public_html on Linux).
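
<IfModule mod_rewrite.c>
# Enable the rewrite engine inside the guard, so the directive is only read when mod_rewrite is loaded
RewriteEngine On
# Scanner names in the User-Agent header ([NC] = case-insensitive, [OR] = any one condition is enough)
RewriteCond %{HTTP_USER_AGENT} ^w3af.sourceforge.net [NC,OR]
RewriteCond %{HTTP_USER_AGENT} dirbuster [NC,OR]
RewriteCond %{HTTP_USER_AGENT} nikto [NC,OR]
# No [NC] here, so "SF" is matched case-sensitively anywhere in the User-Agent
RewriteCond %{HTTP_USER_AGENT} SF [OR]
RewriteCond %{HTTP_USER_AGENT} sqlmap [NC,OR]
RewriteCond %{HTTP_USER_AGENT} fimap [NC,OR]
RewriteCond %{HTTP_USER_AGENT} nessus [NC,OR]
RewriteCond %{HTTP_USER_AGENT} whatweb [NC,OR]
RewriteCond %{HTTP_USER_AGENT} Openvas [NC,OR]
RewriteCond %{HTTP_USER_AGENT} jbrofuzz [NC,OR]
RewriteCond %{HTTP_USER_AGENT} libwhisker [NC,OR]
RewriteCond %{HTTP_USER_AGENT} webshag [NC,OR]
# Acunetix WVS is matched on its own request header rather than on the User-Agent
RewriteCond %{HTTP:Acunetix-Product} ^WVS
# Redirect every matching request to 127.0.0.1
RewriteRule ^.* http://127.0.0.1/ [R=301,L]
</IfModule>
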
So now your website won't be scanned by these scanners. And yes, this will reduce the probability of an attack on your website. 🙂
Note: This will only reduce the possibility of an attack on your website; it is not a 100% secure method, as a smart attacker can create their own custom user-agent string.
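
To see what these conditions match before deploying them, here is an added example (not part of the original post) that re-implements the RewriteCond tests in Python and runs them over request headers. Every sample header value below is constructed for illustration.

```python
import re

# The conditions from the .htaccess rules above: (header, regex, [NC] flag).
RULES = [
    ("User-Agent", r"^w3af.sourceforge.net", True),
    ("User-Agent", r"dirbuster", True),
    ("User-Agent", r"nikto", True),
    ("User-Agent", r"SF", False),  # no [NC] in the rules: case-sensitive
    ("User-Agent", r"sqlmap", True),
    ("User-Agent", r"fimap", True),
    ("User-Agent", r"nessus", True),
    ("User-Agent", r"whatweb", True),
    ("User-Agent", r"Openvas", True),
    ("User-Agent", r"jbrofuzz", True),
    ("User-Agent", r"libwhisker", True),
    ("User-Agent", r"webshag", True),
    ("Acunetix-Product", r"^WVS", False),
]

def matched_rule(headers):
    """Return the first pattern a request matches, or None if it passes."""
    # Header names are case-insensitive; a missing header tests as "".
    hdrs = {name.lower(): value for name, value in headers.items()}
    for header, pattern, nocase in RULES:
        flags = re.IGNORECASE if nocase else 0
        # RewriteCond patterns are unanchored unless they start with ^.
        if re.search(pattern, hdrs.get(header.lower(), ""), flags):
            return pattern
    return None

# Constructed request headers, for illustration only.
SAMPLES = {
    "scanner named in UA": {"User-Agent": "Mozilla/5.00 (Nikto/2.1.6)"},
    "scanner product header": {"User-Agent": "Mozilla/5.0",
                               "Acunetix-Product": "WVS/10.0"},
    "ordinary browser": {"User-Agent": "Mozilla/5.0 (X11; Linux x86_64; "
                                       "rv:115.0) Gecko/20100101 Firefox/115.0"},
    "false positive on SF": {"User-Agent": "ExampleFeedReader/1.0 (SF edition)"},
    "UA that names no tool": {"User-Agent": "custom-client/1.0"},
}

def audit(samples=SAMPLES):
    """Map each sample name to the pattern that would redirect it (or None)."""
    return {name: matched_rule(h) for name, h in samples.items()}

if __name__ == "__main__":
    for name, hit in audit().items():
        print(f"{name:24} -> {'redirected by ' + hit if hit else 'served'}")
```

Feeding the User-Agent values from your own access log through `matched_rule` shows which legitimate clients the case-sensitive `SF` condition would redirect.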
Hope this will help you. 🙂 Thank you, guys!
