New..!! AhmadBj Blogs Was Reborn..!! Visit US..!!

Adsense

Cara melindungi config file dari aksi symlink

Semakin Berkembangnya dunia IT, sehingga semakin bermunculan anak anak baru jadi yang mengaku sebagai hacker, dan salah satu metode nya adalah menggunakan symlink, kali ini saya akan  mensharingkan bagaimana cara ngepatch nya, dimana kita dapat melindungi sebuah file config dari aksi symlink / jumping , trik ini sangat sederhana yaitu cuma mengubah chmod atau hak akses permission dari cpanel hosting dan mencegah masuk dengan .htaccess.

oke berikut ini adalah cara untuk melindungi file config dari symlink.


1. login ke cpanel hosting.
2. buka ftp / file manager dari cpanel agan. ( disini saya menggunakan net2ftp



3. terus cari direktori dari file config nya


4. Centang config.php nya lalu klik chmod.


5. lalu setting U | G | O atau O | G | E ( UGO = User, Group, Other ) , (OGE = Owner, Group, Everyone ) , menjadi chmod 444 atau , read,read,read seperti ini


6. Save Permission nya

7. setelah pengaturan chmod kita akan melompat ke .htaccess , jika di public_html terdapat file .htaccess langsung saja diedit , tapi jika masih kosong buat file baru dengan nama ".htaccess" (tanpa kutip)

8. lalu pastekan perintah ini pada file .htaccess

order allow,denydeny from all

dimana "config.php" adalah file config yang akan kita lindungi.
order allow, cuma untuk memerintahkan dibolehin ajah
deny = denied
deny from all = denied untuk semua OGE,


.htaccess nya seperti ini :


9. Save file nya lalu cek file nya dengan cara buka file config.php nya , maka akan menemukan
seperti ini :

10. Oke sekarang file config anda sudah terlindungi dari aksi symlink.

beberapa file config dari setiap cms yang berbeda :

- wp-config.php = Wordpress
- configuration.php = Joomla, WHMCS , dan lain-lain
- inc/config.php = MyBB
- includes/config.php = phpdolphin, socialfox, sngine

terkadang setiap cms berbeda beda letak dari file config nya/

11 Responses to " Cara melindungi config file dari aksi symlink"

  1. Hey! This is my first visit to your blog! We are a team
    of volunteers and starting a new project in a community in the same niche.
    Your blog provided us valuable information to work on. You have done a marvellous job!


    Feel free to visit my page ... bing.com ()

    ReplyDelete
  2. Thanks for sharing your thoughts. I truly appreciate your efforts and I will be
    waiting for your further post thank you once again.

    Check out my web site diy improvements (http://www.homeimprovementdaily.com)

    ReplyDelete
  3. Hello, after reading this awesome article i am too glad to share
    my know-how here with friends.

    My blog: show homes ideas (http://homeimprovementfornewbs.com)

    ReplyDelete
  4. It's hard to come by experienced people for this topic, but you sound like you know what you're talking about!
    Thanks

    My page :: weight loss (http://www.w3ightl055.com)

    ReplyDelete
  5. Hi there terrific website! Does running a blog such as this take a great deal of work?
    I've virtually no knowledge of coding however I had been hoping to start my own blog in the near
    future. Anyhow, if you have any recommendations or techniques
    for new blog owners please share. I understand this is
    off topic however I simply wanted to ask. Cheers!

    my web page fatty acids

    ReplyDelete
  6. With havin so much content do you ever run into any issues of plagorism
    or copyright violation? My website has a lot of exclusive content I've either created
    myself or outsourced but it appears a lot of it is popping it up all over the web without my permission. Do
    you know any ways to help protect against content from being ripped off?
    I'd truly appreciate it.

    Feel free to surf to my blog post - Obat Herbal Alami Murah

    ReplyDelete
  7. Wonderful beat ! I would like to apprentice while you amend your website, how
    could i subscribe for a weblog website? The account aided me a acceptable deal.
    I were tiny bit familiar of this your broadcast provided shiny
    transparent idea

    Feel free to surf to my web-site; grosir mokamula

    ReplyDelete
  8. This information is worth everyone's attention. When can I find out more?


    My web page grosir mokamula

    ReplyDelete
  9. Great blog! Is your theme custom made or did you download it from somewhere?
    A theme like yours with a few simple adjustements would really make my
    blog shine. Please let me know where you got your theme.
    Bless you

    My website: grosir mokamula

    ReplyDelete
  10. Hi there to every single one, it's really a good for me to go
    to see this web page, it contains valuable Information.

    Visit my site ... grosir mokamula

    ReplyDelete
  11. Very good article! We are linking to this great post on our site.
    Keep up the great writing.

    my webpage: 資料救援台中

    ReplyDelete

untuk berkomentar:
1. setelah Anda membaca artikel ini anda wajib komentar
2. komentar anda sangat saya harapkan
3.komentar anda sangatlah penting demi kemajuan blog kita
4. komentar anda bagaikan berlian yang tak ternilai harganya
5. Cantumkan link blog anda apabila anda berkomentar, agar blog anda ikut naik trafic nya

Followers

Like Us On Facebook