Simplicity of finding data leaks and ensuring the safety of websites in Yandex

Simplicity of finding data leaks and ensuring the safety of websites in Yandex

The article "Ensuring the safety of websites" was provided by security experts.

In the process of preparing this article, the author decided to check how easily it is possible to find examples of data leaks, and introduced the standard name of the widespread FTP client into various search engines. This led to the detection of thousands of websites on which this seemingly insignificant FTP log-file was available in open form (and indexed by search engines without the knowledge of administrators). Each of these sites can be an example of data leakage.

How easy it is to find data leakage on the site in Yandex

An example of such a log-file looks as follows (with bills):

Note

99.07.16 08:34 A X: XXXXXXXX XXXXXX XXXXXX WS_FTP.LOG <-

/Export/Home//xxxxxx/xxxxxxx ws_ftp.log

07/09/16 08:53 A x: xxxxxxxx xxxxxx xxxxxx home. ->

/xx/www/xxxxxx-xxx/xxxxhome.

The importance of the data contained in the log-file for the safety of your site in Yandex

From this fragment you can extract many useful information:

  • Web site name;
  • The name of the server user controlled by Linux or BSD;
  • The name of the server node.

Based on these data, you can find out the following:

  • Name of the node and IP address of the web server;
  • Remote path along which copying was made;
  • The local path from which the copy was made.

How information from logs can threaten the safety of the site in Yandex

These data are a valuable source for attackers, since the presence of the node and the user name provides an opportunity to try to get administrative access to the server. In addition, attackers may try to find the contact details of the company-Hosting Provider and, using social engineering, to get the accounting data.

Safety problems when working with your site in Yandex

This is often easier than directly attacking the server, because many hosting providers use only minimal security measures to transfer accounting. The reason for this is the fact that they often work with individual contractors who develop sites for customers, and in such cases a request to provide accounting data or reset the password is perceived as a regular request.

The author of the article carried out similar actions (naturally, legally), and only one of the four companies applied for permission to the owner of the website.

Why is it important to monitor the safety of the site in Yandex

Thus, the security threats of your site can arise due to negligence, both in the processing of logs and when interacting with hosting providers.

You can contact us to receive an additional consultation on the safety issues of the site or for other SEO questions by phone or email: info@seo.computer, WhatsApp +79202044461.

ID 51

Send a request and we will provide a consultation on SEO promotion of your website
By submitting an application, you agree to the privacy policy