Ir para conteúdo
Fórum Script Brasil
  • 0

Dicas de segurança

RodrigoGomes

Perguntado por RodrigoGomes,

 Share

Pergunta

RodrigoGomes

RodrigoGomes

Postado
Postado (editado)

Bom pessoal, um dos meus últimos projetos (l2ouro.com) fez tanto sucesso que estou começando a ter que lidar com algo que não lidava antes.

Segurança do meu servidor e scripts.

Tenho recebido várias "tentativas" de ataque ao meu dc. Por sorte minha todas falharam pois eu tenho o costume de fazer os scripts sem deixar nenhuma brexa e configurar tudo muito bem feito.

Porém nem todos são perfeitos, estes dias ví algo estranho acontecer em meu site, ele dizia que o limite de conexões ao BD estava cheio, ele já ficou meses on e nunca deu isso. E até não hoje achei o real motivo.

Então resolvi observar os logs e encontrei uma surpresa,

Vários ips e ao menos umas 3 vezes por dia fazem scanner nas minhas páginas a procura de uma entrada para o mysql, como por exemplo:

/phpmyadmin

/mysqladmin

/mysql

...

Eles tentam de muuuuitas formas mesmo, felizmente meu BD não esta liberado para ser acessado pela web muito menos para acesso "externo" pela porta.

Também não uso FTP por motivos de segurança.

Aceito qualquer sugestão mesmo, pois estou percebendo que não só uma pessoa mas várias estão procurando brexas em meus servidores e isso me preocupa.

Então quais dicas vocês teriam para mim? Quais costumes devo ter? Como ter certeza de um php seguro? Como evitar um futuro ataque DDOS?

Lembrando que, todos os servidores estão sobre minha responsabilidade, desde o apache até o serviço de dns (NS1, NS2).

Editado por Vampyro
Link para o comentário
Compartilhar em outros sites

4 respostass a esta questão

Posts Recomendados

  • 0
RodrigoGomes

RodrigoGomes

Postado
  • Autor
Postado (editado)

Novamente, esses scanners acontecem cerca de 3 a 5 vezes por dia e sempre com um IP diferente.

Eu estou pegando todos os IPs e bloqueando o acesso pelo firewall.

[Sat Nov 14 18:05:44 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/phpMyAdmin/main.php
[Sat Nov 14 18:05:45 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin
[Sat Nov 14 18:05:47 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpmyadmin2
[Sat Nov 14 18:05:47 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin2
[Sat Nov 14 18:05:48 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2
[Sat Nov 14 18:05:48 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.2.3
[Sat Nov 14 18:05:49 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.2.6
[Sat Nov 14 18:05:49 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.5.1
[Sat Nov 14 18:05:50 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.5.4
[Sat Nov 14 18:05:50 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.5.5-rc1
[Sat Nov 14 18:05:51 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.5.5-rc2
[Sat Nov 14 18:05:51 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.5.5
[Sat Nov 14 18:05:52 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.5.5-pl1
[Sat Nov 14 18:05:52 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.5.6-rc1
[Sat Nov 14 18:05:53 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.5.6-rc2
[Sat Nov 14 18:05:53 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.5.6
[Sat Nov 14 18:05:53 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.5.7
[Sat Nov 14 18:05:54 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.5.7-pl1
[Sat Nov 14 18:05:54 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.6.0-alpha
[Sat Nov 14 18:05:55 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.6.0-alpha2
[Sat Nov 14 18:05:55 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.6.0-beta1
[Sat Nov 14 18:05:56 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.6.0-beta2
[Sat Nov 14 18:05:56 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.6.0-rc1
[Sat Nov 14 18:05:57 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.6.0-rc2
[Sat Nov 14 18:05:57 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.6.0-rc3
[Sat Nov 14 18:05:58 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.6.0
[Sat Nov 14 18:05:58 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.6.0-pl1
[Sat Nov 14 18:05:59 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.6.0-pl2
[Sat Nov 14 18:05:59 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.6.0-pl3
[Sat Nov 14 18:06:00 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.6.1-rc1
[Sat Nov 14 18:06:00 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.6.1-rc2
[Sat Nov 14 18:06:01 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.6.1
[Sat Nov 14 18:06:01 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.6.1-pl1
[Sat Nov 14 18:06:02 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.6.1-pl2
[Sat Nov 14 18:06:02 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.6.1-pl3
[Sat Nov 14 18:06:03 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.6.2-rc1
[Sat Nov 14 18:06:03 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.6.2-beta1
[Sat Nov 14 18:06:04 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.6.2-rc1
[Sat Nov 14 18:06:04 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.6.2
[Sat Nov 14 18:06:05 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.6.2-pl1
[Sat Nov 14 18:06:05 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.6.3
[Sat Nov 14 18:06:06 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.6.3-rc1
[Sat Nov 14 18:06:06 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.6.3
[Sat Nov 14 18:06:06 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.6.3-pl1
[Sat Nov 14 18:06:07 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.6.4-rc1
[Sat Nov 14 18:06:07 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.6.4-pl1
[Sat Nov 14 18:06:08 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.6.4-pl2
[Sat Nov 14 18:06:08 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.6.4-pl3
[Sat Nov 14 18:06:09 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.6.4-pl4
[Sat Nov 14 18:06:09 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.6.4
[Sat Nov 14 18:06:10 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.7.0-beta1
[Sat Nov 14 18:06:10 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.9.0-beta1
[Sat Nov 14 18:06:11 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.8.2.4
[Sat Nov 14 18:06:11 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.8.2.3
[Sat Nov 14 18:06:12 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.8.2.2
[Sat Nov 14 18:06:12 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.8.2.1
[Sat Nov 14 18:06:12 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.8.2
[Sat Nov 14 18:06:13 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.8.1
[Sat Nov 14 18:06:13 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.8.1-rc1
[Sat Nov 14 18:06:14 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.8.0.4
[Sat Nov 14 18:06:14 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.8.0.3
[Sat Nov 14 18:06:15 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.8.0.2
[Sat Nov 14 18:06:15 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.8.0.1
[Sat Nov 14 18:06:16 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.8.0
[Sat Nov 14 18:06:16 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.8.0-rc2
[Sat Nov 14 18:06:17 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.8.0-rc1
[Sat Nov 14 18:06:17 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.8.0-beta1
[Sat Nov 14 18:06:18 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.7.0-pl2
[Sat Nov 14 18:06:18 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.7.0-pl1
[Sat Nov 14 18:06:19 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.7.0
[Sat Nov 14 18:06:19 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.7.0-rc1
[Sat Nov 14 18:06:19 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.6.4-pl4
[Sat Nov 14 18:06:20 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.7.0-beta1
[Sat Nov 14 18:06:20 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.11.5
[Sat Nov 14 18:06:21 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.11.5-rc1
[Sat Nov 14 18:06:21 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.11.4
[Sat Nov 14 18:06:22 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.11.4-rc1
[Sat Nov 14 18:06:22 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.11.3
[Sat Nov 14 18:06:23 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.11.3-rc1
[Sat Nov 14 18:06:23 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.11.2.2
[Sat Nov 14 18:06:24 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.11.2.1
[Sat Nov 14 18:06:24 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.11.2
[Sat Nov 14 18:06:25 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.11.2-rc1
[Sat Nov 14 18:06:25 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.11.1.2
[Sat Nov 14 18:06:26 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.11.1.1
[Sat Nov 14 18:06:26 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.11.1
[Sat Nov 14 18:06:27 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.11.1-rc1
[Sat Nov 14 18:06:27 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.11.0
[Sat Nov 14 18:06:27 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.11.0-rc2
[Sat Nov 14 18:06:28 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.11.0-rc1
[Sat Nov 14 18:06:28 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.11.0-beta1
[Sat Nov 14 18:06:29 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.10.3
[Sat Nov 14 18:06:29 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.10.3-rc1
[Sat Nov 14 18:06:30 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.10.2
[Sat Nov 14 18:06:30 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.10.2-rc1
[Sat Nov 14 18:06:31 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.10.1
[Sat Nov 14 18:06:31 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.10.1-rc1
[Sat Nov 14 18:06:32 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.10.0.2
[Sat Nov 14 18:06:32 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.10.0.1
[Sat Nov 14 18:06:33 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.10.0
[Sat Nov 14 18:06:33 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.10.0-rc1
[Sat Nov 14 18:06:34 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.10.0-beta1
[Sat Nov 14 18:06:34 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.9.2
[Sat Nov 14 18:06:34 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.9.2-rc1
[Sat Nov 14 18:06:35 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.9.1.1
[Sat Nov 14 18:06:35 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.9.1
[Sat Nov 14 18:06:36 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.9.0.3
[Sat Nov 14 18:06:36 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.9.1-rc2
[Sat Nov 14 18:06:37 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.9.0.2
[Sat Nov 14 18:06:37 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.9.0.1
[Sat Nov 14 18:06:38 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.9.1-rc1
[Sat Nov 14 18:06:38 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.9.0
[Sat Nov 14 18:06:39 2009] [error] [client 84.61.56.13] client denied by server configuration: ***/htdocs/servegame/phpMyAdmin-2.9.0-rc1
[Sat Nov 14 18:06:39 2009] [error] [client 84.61.56.13] Invalid URI in request GET main.php HTTP/1.0

Editado por Vampyro
Link para o comentário
Compartilhar em outros sites
  • 0
ESerra

ESerra

Postado
Postado

E daí? Isso dai é a coisa mais comum que existe... Se você faz tudo como diz: "eu tenho o costume de fazer os scripts sem deixar nenhuma brexa e configurar tudo muito bem feito." não tem o que com se preocupar.

Quando a evitar o DDoS, não existe nenhuma maneira eficiente para isso.

Link para o comentário
Compartilhar em outros sites
  • 0
RodrigoGomes

RodrigoGomes

Postado
  • Autor
Postado

Eu não estou preocupado, estou prevenindo.

Se algum tipo de sistema é capaz de scannear seu site com 5 ips diferentes por dia, um ataque ddos não custa nada.

É fato que eu tento fazer tudo com o máximo de segurança possível, porém ninguém "sabe tudo", sempre alguém sabe alguma coisinha que outros não sabem, uma falha, enfim.

Como por exemplo, já tentaram acessar uma página que pedia um valor GET e neste valor colocaram um script, é óbvio que não funcionou, mas se tentaram é por que aquilo funciona em algum lugar.

O objetivo do tópico é "juntar" mesmo como cada faz a segurança de seus scripts e as melhores formas que aplicam, para quem sabe posteriormente estarmos fazendo um tutorial só sobre este assunto.

Eu atualmente estou planejando uma forma de criar algo que minimize o impacto de floods ou muitos usuários acessando os scripts, com algum tipo de cache que armazene por 1 ou 2 minutos os dados e o servidor não tenha que ficar fazendo consultas ao bd a cada visita.

Link para o comentário
Compartilhar em outros sites
  • 0
ESerra

ESerra

Postado
Postado

Isso de estar usando 5 IPs diferentes provavelmente seja proveniente do uso de PCs zumbis... é meio "apavorante" os logs, porque mostra alguém tentando fazer algo que não devia, um dos sites que eu criei e que tem uma parte de controle de erros demonstra isso toda hora, é raro o dia que alguém (ou um bot) não tenta acessar coisas aleatórios que não existem no servidor, ou então, acessam a pasta admin e tentam fazer login, sendo que essa pasta só serve de isca já que ela não é a pasta real de administração do site... enfim, a coisa é complicada, sempre vai ter algum desocupado para tentar atacar o site de alguma maneira.

Link para o comentário
Compartilhar em outros sites

Participe da discussão

Você pode postar agora e se registrar depois. Se você já tem uma conta, acesse agora para postar com sua conta.

Visitante
Responder esta pergunta...

×   Você colou conteúdo com formatação.   Remover formatação

  Apenas 75 emoticons são permitidos.

×   Seu link foi incorporado automaticamente.   Exibir como um link em vez disso

×   Seu conteúdo anterior foi restaurado.   Limpar Editor

×   Você não pode colar imagens diretamente. Carregar ou inserir imagens do URL.

×
 Share
Ir para lista de Perguntas


  • Estatísticas dos Fóruns

    • Tópicos
      152,3k
    • Posts
      652,6k
×
×
  • Criar Novo...