Results 1 to 27 of 27
  1. #1
    Join Date
    May 2006
    Posts
    572

    Can a simple HTML website with graphics be hacked?

    I've been wondering...
    How exactly is something hacked? Is it something where anyone with the knowledge can just walk up to an HTML site or Google and take it down?

    Can a simple HTML website with graphics or a flash website be hacked?
    I'm currently hosting with: hostgator

  2. #2
    Join Date
    Jan 2003
    Location
    U.S.A.
    Posts
    3,911
    It does make things more difficult but any skilled hacker will do what they want if the proper security measures have not been taken.

  3. #3
    Join Date
    Jul 2005
    Location
    Los Angeles, California
    Posts
    1,369
    People find backdoors through things such as SSH or a loop hole within the server's security. I believe if you don't have a firewall or any other sort of security measure it would be easy for a hacker to just walk in and do whatever they want. For example, if you leave an unused port called port X open and never close it a hacker could sometimes just walk in through port X and do whatever he desires. Please correct me if I am wrong though.
    Rageki Web Hosting Solutions - Canada & United States Web Hosting
    DirectAdmin & cPanel Control Panels
    99% Uptime!
    30 Day Money Back Guaranteed!

  4. #4
    Join Date
    May 2006
    Posts
    572
    Well all I have is a simple HTML website (like a template) with graphics uploaded into the domain name folder. Nothing more, nothing less. That's it.
    I'm currently hosting with: hostgator

  5. #5
    Join Date
    Jan 2003
    Location
    U.S.A.
    Posts
    3,911
    You should be fine, just make sure your with a quality host and that you have a lengthy and difficult password.

  6. #6
    Join Date
    Jul 2005
    Location
    Los Angeles, California
    Posts
    1,369
    The HTML page will always be safe. The reason most people get hacked is due to the server security.
    Rageki Web Hosting Solutions - Canada & United States Web Hosting
    DirectAdmin & cPanel Control Panels
    99% Uptime!
    30 Day Money Back Guaranteed!

  7. #7
    Join Date
    May 2006
    Posts
    572
    phew, I just read the forum on a webhost being hacked.
    I'm currently hosting with: hostgator

  8. #8
    Join Date
    Jan 2003
    Location
    U.S.A.
    Posts
    3,911
    Its always the host responsibility to secure the server but at the same time its up to the client to do their part.

  9. #9
    Join Date
    Jul 2005
    Location
    Los Angeles, California
    Posts
    1,369
    Quote Originally Posted by dave-dave View Post
    phew, I just read the forum on a webhost being hacked.
    Yup, I read up on that too. It's pretty sad and they still haven't gotten it fixed. I would always check with your host and make sure that they're secured PHP and MYSQL as those are the easiest ones to do and their free. I would also check to see if your host has a firewall installed whether it would be a network or a software one, it doesn't matter having something is better than nothing .
    Rageki Web Hosting Solutions - Canada & United States Web Hosting
    DirectAdmin & cPanel Control Panels
    99% Uptime!
    30 Day Money Back Guaranteed!

  10. #10
    Join Date
    May 2006
    Posts
    572
    Well, I have OCD or something for checking daily to make sure my site's up and nothing's wrong with it. Guess there could be worse things...
    I'm currently hosting with: hostgator

  11. #11
    Join Date
    Mar 2004
    Location
    Singapore
    Posts
    6,984
    It depends if it is Windows 2000 with Web Dav enabled, there was a possiblity. But nowadays this should not happen, as others mentioned the attacks would most likely be server wide and mass defacing.

    Quote Originally Posted by dave-dave View Post
    I've been wondering...
    How exactly is something hacked? Is it something where anyone with the knowledge can just walk up to an HTML site or Google and take it down?

    Can a simple HTML website with graphics or a flash website be hacked?

  12. #12
    Join Date
    Dec 2007
    Location
    Indiana, USA
    Posts
    16,087
    Quote Originally Posted by dave-dave View Post
    I've been wondering...
    How exactly is something hacked? Is it something where anyone with the knowledge can just walk up to an HTML site or Google and take it down?

    Can a simple HTML website with graphics or a flash website be hacked?
    With a static page/image there generally won't be any kind of vulnerability that will allow somebody to compromise your account or server. When a site is hacked often times it is due to an insecure script (non-static), improper permissions on a folder (chmod 777 for example). If an entire server is hacked it's usually due to a security hole in the server itself.

    If somebody hacks your account alone, that doesn't necessarily give them access to the rest of the server. Go with a web hosting company you can trust, run searches here for reviews and don't be afraid to ask any potential web host a bazillion questions. The more the web host knows, the more likely they are to provide you a higher level of service.
    Michael Denney - MDDHosting LLC
    New shared plans for 2016! Check them out!
    Highly Available Shared, Premium, Reseller, and VPS
    http://www.mddhosting.com/

  13. #13
    Join Date
    Sep 2004
    Location
    Chennai , India
    Posts
    4,608
    Quote Originally Posted by Rageki-John View Post
    People find backdoors through things such as SSH or a loop hole within the server's security. I believe if you don't have a firewall or any other sort of security measure it would be easy for a hacker to just walk in and do whatever they want. For example, if you leave an unused port called port X open and never close it a hacker could sometimes just walk in through port X and do whatever he desires. Please correct me if I am wrong though.
    It depends upon the access, in linux its not easy to hack even if you don't have any firewall. SELinux automatically restricts many things when there is an access to the root from an unauthorise user.

    If the pages are static then its pretty tough for a hacker, but dynamic pages are easily hacked because of poor coding and its no where related to administration or system end.

  14. #14
    Greetings:

    Quote Originally Posted by dave-dave View Post
    I've been wondering...
    How exactly is something hacked? Is it something where anyone with the knowledge can just walk up to an HTML site or Google and take it down?

    Can a simple HTML website with graphics or a flash website be hacked?
    Yes.

    1. There can be vulnerabilities in Flash.
    2. There's brute force attacks against FTP, SSH, POP3/IMAP
    3. The host provide server the site is on can be hacked.

    Thank you.
    ---
    Peter M. Abraham
    LinkedIn Profile

  15. #15
    Join Date
    Jul 2005
    Location
    Buffalo, NY
    Posts
    2,626
    Quote Originally Posted by MikeDVB View Post
    With a static page/image there generally won't be any kind of vulnerability that will allow somebody to compromise your account or server. When a site is hacked often times it is due to an insecure script (non-static), improper permissions on a folder (chmod 777 for example). If an entire server is hacked it's usually due to a security hole in the server itself.

    If somebody hacks your account alone, that doesn't necessarily give them access to the rest of the server. Go with a web hosting company you can trust, run searches here for reviews and don't be afraid to ask any potential web host a bazillion questions. The more the web host knows, the more likely they are to provide you a higher level of service.
    That pretty much sums it up. Nice post.

  16. #16
    Join Date
    May 2006
    Posts
    572
    Thanks for the replies and advice. It looks like I'm okay, but I should be careful when I expand into email through my website.
    I'm currently hosting with: hostgator

  17. #17
    Join Date
    Dec 2007
    Location
    Indiana, USA
    Posts
    16,087
    If you install any scripts make sure that you keep them updated, usually they are updated to close security holes that have been discovered. Other than that... Good luck!
    Michael Denney - MDDHosting LLC
    New shared plans for 2016! Check them out!
    Highly Available Shared, Premium, Reseller, and VPS
    http://www.mddhosting.com/

  18. #18
    Join Date
    Sep 2005
    Location
    In canada
    Posts
    3,213
    Hey when lifes not safe, how can website be safe ? There is no 100% hack proof site and i doubt there will be ever, those who really need to hack will find ways to hack !!

    Neither your host, nor you can do anything about it. Its all about how motivated the hacker is and how skilled the hacker is.

  19. #19
    Join Date
    Dec 2007
    Location
    Indiana, USA
    Posts
    16,087
    Quote Originally Posted by Energizer Bunny View Post
    Hey when lifes not safe, how can website be safe ? There is no 100% hack proof site and i doubt there will be ever, those who really need to hack will find ways to hack !!
    This is certainly true.

    Quote Originally Posted by Energizer Bunny View Post
    Neither your host, nor you can do anything about it. Its all about how motivated the hacker is and how skilled the hacker is.
    There is something you can do, and that is keep your permissions locked down and your scripts updated, even then you are not bullet proof. And your host can keep the server updated and patched against security vulnerabilities... So I would disagree with the second portion of your response.
    Michael Denney - MDDHosting LLC
    New shared plans for 2016! Check them out!
    Highly Available Shared, Premium, Reseller, and VPS
    http://www.mddhosting.com/

  20. #20
    Join Date
    Sep 2005
    Location
    In canada
    Posts
    3,213
    Quote Originally Posted by MikeDVB View Post
    This is certainly true.


    There is something you can do, and that is keep your permissions locked down and your scripts updated, even then you are not bullet proof. And your host can keep the server updated and patched against security vulnerabilities... So I would disagree with the second portion of your response.
    Trust me if hacker is motivated and skilled enough they will find ways. Dont under estimate the power of human mind . Thats what bunnies fear the most the power of human mind scares them !!

  21. #21
    Join Date
    Oct 2003
    Location
    Morocco
    Posts
    549
    Yes if you have any folders with incorrect permissions!
    RofyHost - Affordable Shared & Reseller Hosting Since 2003
    Proud Moroccan

  22. #22
    Join Date
    Dec 2007
    Location
    Indiana, USA
    Posts
    16,087
    Quote Originally Posted by Energizer Bunny View Post
    Trust me if hacker is motivated and skilled enough they will find ways. Dont under estimate the power of human mind . Thats what bunnies fear the most the power of human mind scares them !!
    I didn't disagree with you on this, and I am not underestimating the human mind. I've said you are right that there is no perfect and 100% secure system, but you were wrong in saying that there is *nothing* that you can do to prevent a hack. There is *always* something you can do.

    If you never updated your scripts and the system admins never updated the servers, then you would be hacked quite often and quite easily, just the mere fact that you aren't hacked every day is proof positive that preventative maintenance and pro-active security can help prevent server hacks. Although it is impossible to completely eliminate the possibility.
    Michael Denney - MDDHosting LLC
    New shared plans for 2016! Check them out!
    Highly Available Shared, Premium, Reseller, and VPS
    http://www.mddhosting.com/

  23. #23
    Join Date
    Oct 2005
    Location
    Surrey BC
    Posts
    1,319
    Depends on how the intruder gained access and what kind of access they gained.

    If they gained root then it doesn't matter because they can change any file they want.

    If they gained access through some kind of script exploit then they can make changes to files owned by the script or files with loose permissions which would allow the script to write to those files.


    + NOW WE'RE MAKING RECORDS, NOW WE'RE MAKING TAPES

  24. #24
    Join Date
    Sep 2005
    Location
    In canada
    Posts
    3,213
    No no no Denney, i didn't mean about prevention, you can try prevention , i was more or less talking about hackers trying to hack, at which point neither the host nor the victim can do much.

    Ofcourse you can put a big chunk of firewall in place and block everything off the server aka deny ip *.*.*.* should do, that i am sure will be 100% secure or just hook server off the dangerous www environment

    Bunny just bad in english and trying to express, after all my first language is Bunnish !

    Cheers

  25. #25
    Join Date
    Aug 2004
    Location
    Australia
    Posts
    895
    Quote Originally Posted by MikeDVB View Post
    I didn't disagree with you on this, and I am not underestimating the human mind. I've said you are right that there is no perfect and 100% secure system, but you were wrong in saying that there is *nothing* that you can do to prevent a hack. There is *always* something you can do.
    True, A look at the firewall and access logs is normally a good indication that security works.
    I could tell you a joke about UDP. But I'm not sure you would get it!

  26. #26
    Join Date
    Jan 2004
    Location
    Oztrayla Mate!
    Posts
    572
    Your two biggest weak points with a plain HTML site is an outdated cPanel, or having a keylogger on your machine that grabs your credentials when you log in or FTP.

    Its your hosts responsibility to keep the servers scripts updated, but you can check your cPanel version and request it be updated if your host is running an outdated version.

    That just leaves keyloggers, smart browsing/downloading along with regular scans and updates of your machine will cut your risks there.

    There are some other far more remote ways, and ways you have no control over but do the above and you will be pretty safe.

    Also keep a backup of all your files, i have my major sites and an FTP client stored on an 8GB USB keyring so i can put them back online from anywhere.
    Great Host = WiredTree.com Managed VPS Hosting

  27. #27
    Join Date
    May 2006
    Posts
    572
    Quote Originally Posted by 1boss1 View Post
    Your two biggest weak points with a plain HTML site is an outdated cPanel, or having a keylogger on your machine that grabs your credentials when you log in or FTP.

    Its your hosts responsibility to keep the servers scripts updated, but you can check your cPanel version and request it be updated if your host is running an outdated version.

    That just leaves keyloggers, smart browsing/downloading along with regular scans and updates of your machine will cut your risks there.

    There are some other far more remote ways, and ways you have no control over but do the above and you will be pretty safe.

    Also keep a backup of all your files, i have my major sites and an FTP client stored on an 8GB USB keyring so i can put them back online from anywhere.
    I'm using the most recent cPanel (thanks hostgator) as well as a mac which most keyloggers don't work on/for. I have a secured network with a tough password so I think I'm covered there too.
    I'm currently hosting with: hostgator

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •