During the development of a site, me and the team decided to develop the site wi

Question

During the development of a site, me and the team decided to develop the site with my computer as a server, with me making my localhost available from outside. I have been using several settings to try protecting the site while in development, for example by adding password to XAMPP, phpMyAdmin, but recently one of the team members said to me that when he visited the site a day ago, some content on a .php page on the site (images and text sections) has been altered.

When I took a look at the site everything was like it was before, not a single character in the source code had been altered as far as I could tell. Also, the DB is intact and nothing else has happened since.

My question now is: what can I do to assure myself that the server has not been hacked into, and what can I do to secure myself from threats of this kind in the future?

Explanation / Answer

It's very hard to be have assurance there is no malware present on your server. There are indicators of compromise, but considering you probably didn't log anything remotely and did not have controls in place to prevent unauthorized alteration, it's very hard to rely on your system.

Some recommendations (from the perspective that you are on a very limited budget):

+ Use external version control like git (keep it seperate from your test server)
+ Don't host your development environment on the internet, there's no reason to expose it to the internet, use VPN or SSH tunneling to access the server
+ Log all access remotely, log file alterations on the file systems where you believe you are hosting critical data
+ Use HIDS to detect violations

Related Questions

Navigate

• Browse (All)
• Browse D
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.