Web attacks and analysis. Reading attackers thoughts is one way of reaching protection. How can we do it in real life?
Independent of what you program on the web, you will experience attacks. Especially if you have any kind of form on the website. Log in forms, post/comment forms and contact forms are very interesting for hackers, spammers and different kinds of bots.
Complex systems like websites created in WordPress are even more interesting in situations mentioned above. It might be so because there are known paths or ways of attacking and spamming which gives opportunities to abuse those and satisfy the temptations. Our first article this year mentioned security holes and challenges for hackers.
How can we protect us?
The question is not easy. There are many developed protections but the question is if they are 100% safe. For experienced hackers and spammers there will always be a new way of coming in to a system so protection development must always be up to date. Script intelligence must be adapted to new challenges at the same time as it has to keep old dangers away.
Analysis can help
Reading attackers thoughts is one way of reaching protection. How can we do it in real life? One way of doing that is by using logs that can show us activities. But logs are not always our key to the right door.
We must understand the web traffic flow on websites. For example, we must be able to see where and how some actions are sent. If we know what file gets affected then we can find functions that are attacked in different attempts. We can then protect our function or script but we must know that it can be just a temporary protection before hackers find out the way of how it works.
Blocking IP addresses?
In logs we can see IP adresses. They are mostly not connected to one user only. If we decide to block an IP address then there is a big risk to block many innocent users and lose visitors, so blocking is not a right protection. It can only be right as temporary protections in case we are affected by effective attacks that disturb our traffic.