Applications or informational pages, distributed via HTTP or HTTPS, using a web server. Pages are typically interconnected by hyperlinks and may contain forms or even entire applications.
Questions tagged [websites]
269 questions
49
votes
5 answers
Should I take over a compromised website from another hacker?
A website (www.blue*****art.com) is trying to attack my server using the Shellshock vulnerability. After doing an Nmap scan on the attacking IP address, I found many open ports. It looks like the website is running Exim, which is vulnerable to…
user67281
- 531
- 1
- 4
- 3
16
votes
2 answers
Website security - should I hire a developer?
I'm going to create a new website with Joomla! 3.
Potentially, this site will get me some money through ads but I'm a little worried about what could be done to attack it. I say a little because I'm not hoping in huge revenues and I don't think…
Zachiel
- 443
- 1
- 4
- 9
8
votes
2 answers
Website Defacing without hacking (google issue or trick?)
When I search in google for:
"sensors"
The two first results are:
"Sensors"
"Publications"
If I click on these two lines (the second one for instance), I get to a defaced website (actually, there is an extra document.location() redirecting me…
PeterG
- 81
- 6
2
votes
1 answer
What are good precautions to take before cleaning an infected website?
I have to work on infected websites once in a while, and I'm wondering if there are some good practices to keep my computer safe.
I use my personal computer for work, so I'd like to take precautions.
Is downloading an infected website via FTP a risk…
Shane
- 131
- 4
2
votes
4 answers
If a large companies website's robots.txt file has no Disallow section, does this mean I am free to write code to crawl their website?
If a large companies website's robots.txt file has no Disallow section, does this mean I am free to write code to crawl their website?
The website in question is basically a data warehouse for the type of information I need, information which is…
JMK
- 2,506
- 7
- 29
- 40
2
votes
0 answers
Server-side solution to protect from bots?
I have a website where a user needs to register with his mobile phone number. It is verified by sending a verification code by SMS, each SMS costs me €0,10.
I have already implemented a check that if a user enters the same phone number twice he gets…
O'Niel
- 2,914
- 3
- 20
- 31
2
votes
2 answers
No limit of characters in name field - Any risk?
I want to know what security vulnerabilities could have a website that in the name field there is no character limitation. so there could be 100 characters or 10k. My first idea is that it can could lead to DoS to the platform and other users but is…
Tomi Begher
- 121
- 1
- 10
2
votes
1 answer
Website link shows a code variable
A website I frequently visit is showing an error message.
The usual Click 'here' link actually shows
Click '$host_variable.xxxxxxName'
to navigate to a certain page.
Is it a security flaw? How?
max
- 141
- 1
- 1
- 7
1
vote
1 answer
Why is pastebin considered a high risk service
The company I work at uses zscaler to restrict access to certain websites.
Earlier today, I tried to visit pastebin.com, but got the error message in the picture below:
Trying to google why pastebin is considered a high risk service, I didn't…
eirikdaude
- 111
- 3
1
vote
2 answers
Too many spam comments
My website is receiving too many spam comments, what I do?
I have installed a plugin but I'm not satisfied with it.
How to block spam comments and spam users etc.
sma
- 11
- 2
1
vote
1 answer
School website exposes root FS, where to report?
I was googling for some PCI device code and stumbled upon an indexed /sys file on a web server. Poking around a bit, it seems that the complete root filesystem is exposed trough /uploads/ls. So I can assume this site is hacked?
I'm a bit concerned,…
Tim
- 111
- 5
1
vote
2 answers
I unknowingly visited a hacked site, what are my next steps?
I stumbled onto a hacked site a short while ago. Firefox blocked Flash from running, but are there any other vectors I should be concerned about? I'm pretty sure I had an account on the forum in question; does that change anything?
As of posting…
user36023
1
vote
2 answers
Find unlisted web pages on a site?
If I have a website with an index.html page that was just a landing page with no other links, and I also have another html page hosted on the same domain that has no links to it, is there any way someone could find the page except through being told…
Zorpho
- 13
- 1
- 4
1
vote
3 answers
Why are websites obviously run for nefarious reasons not taken offline asap?
Although the question has a much broader scope an example case is my
posted question: Should I worry if I have tried to ssh into a 'fake' dyndns.org site? (with ssh keys)
In summary the previous question is related to people running sites with the…
jonnyxcvhanger
- 63
- 3
1
vote
2 answers
Problems with the security certificate
On my phone when I try and access my regular websites, I get the error message " there are problems with the security certificate of this website".
More often than not I still proceed onto the website.
If it is a website that I regularly go on, is…
user87168
- 21
- 1