Hungerford Web Design Blog

See - save you effort, time and enable you to create standrds driven pages with ease. this is a bit long but it is only an overview so please read it if you are not already using includes to create your pages

Using includes to create a web page:
It is my opinion that any webmaster worth a biscuit should be using inclides in their page design. As such, for those who don’t, I have written a short tutorial in what they are and how to use them. I hope someone finds it useful.

What is an include?:
An include statement is named after exactly what it is! An instruction to the web server to include one file within another. For example, if I write a webpage have it formatted as follows:

Continue reading »

Technorati Tags: Asp Version, Biscuit, Code Lt, Driven, Headers Footers, Navigation Areas, Path, Php Code, Source Code, Text Image, Typical Web, Web Developer, Web Page, Web Server, Workload

This script is nice and neat. It will check your services based on port number and works great in both Windows and Linux/UNIX. Give it a try, we use it regularly.

Continue reading »

Technorati Tags: Arrays, Cellpadding, Code Lt, Collapse, Com Port, Connection Ip, Div Style, Echo Data, Email, Fp, Ftp Ip, Google, Internet Connection, Ip 6, Lt Ports, Sans Serif Font, Server Status, Service Checks, Service Status, Td Bgcolor

Do you consider yourself to be a Web Designer or a Web Developer?

If you ‘create’ websites, what do you call yourself? A common misconception nowadays is that if you have created a page in frontpage you know how to make websites. Is this valid? I don’t know!

Continue reading »

How to update your system

Updating your system regularly is the first step in securing your server. You didn’t think of this did ya?

up2date configuration:
login as root, and issue the following command:

Code:

up2date –configure ENTER
select number for “removeSkipList” ENTER
C ENTER

Code:

select number for “pkgSkipList” ENTER
C ENTER
ENTER

Continue reading »

Hardening PHP for dangerous functions:

First of all, locate your php.ini

If you don’t know where you php.ini is, it’s easy.
simply upload this file in your www folder

PHP Code:
< ?
phpinfo();
?>
name the file something say info.php
and call the file as http://domain.com/info.php

a page will load, and at the top part, something like this line will be shown i.e on the 6th row

Continue reading »

Root Access Notification:

This will inform you each time access is made to the root account:

In SSH:
Code:

cd /root

edit .bashrc and add the following at the end, for freebsd: edit .cshrc

Code:

echo -e “root access on `date`” ‘\n’ `who` | mail -s “Root Alert!” you@youremail.com

Continue reading »

Technorati Tags: Cd Edit, Echo, Mail Alert, Notifications, Root Account, Ssh

Disabling Compilers

When the compiler is disabled, the hacker is not able to compile and make the exploit. This step will prevent “The ability to compile the file in the system”. Most of the hacking guides that is found in the net suggest of compiling the exploit in the system, and seldom a pre-compiled binary is distributed. Thus, either via shell access or daemon exploit or via cgi/php abuse, they will try to get hold of your compiler and compile the exploit. Normally, your users do not need access to the compiler, so it is safe to restrict/disable compilers

Continue reading »

Technorati Tags: Admins, Amp, Byacc, Cc1, Compilers, Decis, Fedora, Freebsd Code, Hacker, Hacking Guides, Jsp Apache, Lib, Preference, Redhat Linux, Root User, Rpm, Shell, Up2date, Usr Bin, Webservers

secure install-defaults

By default, many applications are installed with lose security. We can tweak some settings to make it much better in terms of security.

Continue reading »

Technorati Tags: Absolute, Administrative Group, Configuration File, Lib, Linux, Linux Install, Linux System, Pam, Password Access, Protocol, Redhat Fedora, Root Code, Root Login, Root Password, Ssh, Usermod, Usernames, Wheel, Wheel Group

Why should ports be secured ?

Open ports are via which a hacker determines what daemons your server is running, and whether or not, your system can be exploited or not. Port scan is the first thing that is done to fingerprint your OS and determine what is running. Open ports behave like open windows in your house. The more closed and armoured windows you have, the less thempting to thieves. Open ports in the server work in the same way, the more they are, the more tempting they become.

Continue reading »

Technorati Tags: Attacker, Closing Ports, Cpanel, Debian Freebsd, Exploits, Fedora, Fingerprint, Mail Domain, Mv, Open Ports, Open Windows, Plesk Servers, Pop 3, Port Scan, Rndc, Server Ports, Server Work, Syslog, Tcp, Thieves

Choosing a webhost:
You have written your first (or 101st) website, you want the whole world to see it and you want it quick. Stop for a second and take a look at what you are wanting. From 10p to £1000 a month there is a lot of choice. Most people tend to be swayed toward one webhost by someone else that has used them; do they look for the same things in a webhost as you?

Continue reading »

Technorati Tags: 10p, Apps, Bandwidth, Cgi Bin, Costs Money, Domain Name, Fraud, Ftp Access, Html Page, Important Factors, Languages, Lycos, Minefield, Perl, Pockets, Regard, Server Side Scripting, Web Hosting, Web Hosts, Webhost