Back to Question Center
0

Semalt: Indlela Yokwenza Uqiniseke ukuthi Indawo Yakho Ivikelekile Ekuhlaselweni KwamaHacker

1 answers:

Ukuvuza kolwazi lomuntu siqu kuyinselelo ekhulayo kubasebenzisi be-intanethi. IUlwazi lufaka phakathi izithombe zomdanso ezidumile, ulwazi lwekhadi lesikweletu, idatha kahulumeni, ama-ID we-imeyli, namaphasiwedi. Lokhu kusho ukuthiizwe labaduni liye lalawula i-intanethi kuzo zonke izigaba. I-Newbies ingase ingaqondi ukuthi amabhulogi abo noma amawebhusayithi angahlushwa kanjani ngaphandleulwazi lwekhadi lesikweletu. Kodwa-ke, abaduni, bazimisele ukuvula izingosi ze-nondes zibe yi-spy bots enonya,ulwazi ngaphandle kolwazi lwakho. Ngaphezu kwalokho, bangadonsa kwi-database ye-newbie indawo futhi basebenzise noma babhubhise idatha ebalulekile futhiukufaka izixhumanisi ezinonya noma iseva yokubamba i-hijack.

Nanka izinyathelo ezilula ezinikezwa uMichael Brown, uMphathi weNtuthuko weKhasimende i-Semalt Amasevisi weDivaysi, ongayisebenzisa ukugcina abaduni bebhekile:

  • Okuphambili, buyekeza yonke isofthiwe yakho. Umnikazi wesayithi kumele aqinisekise noma yiliphi ucezusoftware abayisebenzisayo kusesikhathini kungakhathaliseki ukuthi amawebhusayithi abo wadalwa kusukela ekuqaleni noma ngokwakha website DIY kumuntu wesithathui-turnkey yesikhulumi. Abahlinzeki be-CMS abanjengoJoomla kanye ne-WordPress njalo basebenza ukukhulula izibuyekezo ezijwayelekile kanye nama-patches, okwenza isofthiwe ibe ngaphansiengozini ku-hacks. Ngakho-ke, qiniseka ukuthi ufake ukubuyekezwa futhi usebenzise inguqulo yakamuva esekela iwebhusayithi yakho ngaso sonke isikhathi.
  • Okwesibili, yakha izingqimba zokuphepha ezungeze amawebhusayithi akho..Njengoba nje ugijimai-antivirus ngaphambi kokuphequlula iwebhu kukhompyutheni yakho, kufanele ube nesistimu yokuphepha, ekhonza njengeqhinga lokuqala lokuvikela isayithi lakhongokumelene nokuhlaselwa. Isibonelo, i-Web Application Firewall iyithuluzi elibalulekile lokuzivikela. Kuhloswe ukuhlola ithrafikhi kanye nokhula ngaphandleisicelo esibi futhi ngaleyo ndlela sihlinzeke ngokuvikeleka ekuhlaselweni okunamandla kwe-SPAM, i-SQL injection kanye ne-Cross Site Scripting.
  • Okwesithathu, shintsha ku-Hyper Text Transfer Protocol Secure (HTTPs). I-HTTP iyi-protocol yokuxhumana evikelekile esetshenziselwa ukudlulisa okuqukethwe okubucayi phakathi kwesiphakeli sewebhu kanye newebhusayithi. Le protocol ihlanganisa i-SSL(I-Secure Sockets Layer) kanye ne-TLS (I-Layer Security Security) ku-HTTP yesayithi ngakho-ke ukugcina idatha yakho kanye nabasebenzisi ekuhlaselweni kokuhlaselwa.
  • Ngokulandelayo, sebenzisa amaphasiwedi aqinile futhi uwaguqule njalo. Kukhona ukwandaabahlukumezi abanamandla abaqagela kahle amagama abasebenzisi namaphasiwedi. Ukusetshenziswa kwamaphasiwedi aqinile ngaleyo ndlela kuyindlela ephumelelayokokunciphisa ukuhlaselwa kwesichazamazwi namandla okuhlukumezeka. Ukwengeza, amaphasiwedi aqinile, ayadingeka ku-admin, database kanye nesava yewebhu.
  • Okokugcina, yenza izinkombandlela zomqondisi kunzima ukubona. Abaqaphi bangena ukufinyelelaulwazi lewebhusayithi ngokusebenzisa umthombo kanye nokuhlasela okuqondayo komqondisi. Bangasebenzisa izikripthi, eziskena zonke izinkomba kwiwebhuiseva ngemigomo yokunikezela njenge 'login' noma 'admin,' futhi unqabe ukuphepha kwesiza sakho ngokungena kulawo mafolda. Ngakho, qiniseka ukuthikhetha amagama e-folder angenacala, awaziwa kuphela ithimba lakho lonjiniyela ukuze unciphise ukuphulwa okungenzeka.

Ekuphetheni, ezweni lokuphepha kwe-intanethi, noma yiliphi iwebhusayithi ingadliwa. Iphumeleleukuhlaselwa kuyingozi kumnikazi womnikazi ngaphezu kokwehlisa ulwazi lomsebenzisi. Ngaphezu kwalokho, ukuhlaselwa kungabangela i-Google nezinyeizinjini zokuhlunga uhlu lakho kuwebhu ukuze ugweme ukusabalalisa ulwazi olunonya kuwebhu yonke. Hlala uhlala eceleni kokuqapha.Yenza okungenani izinyathelo ezintathu eziyisisekelo ezihlinzekwe kulesi sihloko ukuze ugweme ukuba yisihlonzi sabasosha.

November 28, 2017
Semalt: Indlela Yokwenza Uqiniseke ukuthi Indawo Yakho Ivikelekile Ekuhlaselweni KwamaHacker
Reply