Khun Htet Aung Hlaing, Taunggyi, Shan State, Myanmar (Burma)

Wednesday, June 20, 2012

To Web Devs/Masters (By Planet Creator Net)



When a website gets hacked, there is plenty of finger-pointing at this person or that person based on nothing but guesswork. But whoever did it and however they got in, when you are attacked you can look at the attacker's intrusion yourself, and if you don't know how to, you can ask your host provider for help.

Another point. To those who keep saying that Myanmar host providers can't be trusted, I'd like to ask: which host is secure, then? They assume the provider can take their information. In my view there is hardly any host provider that does this, because there are plenty of experts on the outside as well; if such theft could actually be demonstrated, the provider would be liable under existing law and, on top of that, its business would be finished. That's my take on it.

To make websites more secure, let's divide ourselves into four groups:

1. Individual Webmaster (a single person maintaining his or her own personal or company site - group 1)
2. Single User with Multiple Hosting Accounts (someone sharing many domains out of a single control panel - group 2)
3. Reseller (someone who takes a reseller account from a web host and sells hosting on - group 3)
4. Web Host Provider (someone who sets up servers and sells web hosting - group 4)

Before anything else, as soon as you have finished reading this, go and change your cPanel and FTP passwords.

There are a great many ways of intruding and attacking. Within web hacking, the attacks happening most often right now are SQL injection vulnerabilities and Denial of Service attacks.

Here is something I wrote earlier about SQL injection:
http://myanmar01.grou.ps/blogs/item/sql-injection-%E1%80%9E%E1%80%AF%E1%80%AD%E1%82%94%E1%80%99%E1%80%9F%E1%80%AF%E1%80%90%E1%80%B9-hacker-%E1%80%B1%E1%80%90%E1%80%BC%E1%80%9B%E1%80%B2%E1%82%95-%E1%80%90%E1%80%AF%E1%80%AD%E1%80%80%E1%80%B9%E1%80%80%E1%80%BC%E1%80%80%E1%80%B9%E1%80%86%E1%80%94%E1%80%B9%E1%80%B8%E1%80%90%E1%80%85%E1%80%B9%E1%80%81%E1%80%AF

Let me show one more small example. If you visit www.karmasangsthanbank.gov.bd/index.php?pageId=news&newsId=4 it shows the correct data only, but if you add an apostrophe ( ' ) it shows the error message "Warning: mysql_free_result(): supplied argument is not a valid MySQL result". The link above is a case of blind SQL injection. SQL injection itself comes in many forms: MySQL injection, MsSQL injection, blind SQL injection and so on.

<?php
// Connect to the database (connection code omitted)
$newsId = $_GET['newsId'];                    // taken straight from the URL, no filtering at all
$query  = "SELECT * FROM tblnews WHERE newsId = '$newsId'";
if ($result = mysql_query($query)) {
    while ($row = mysql_fetch_array($result)) {
        // ... use the row data here
    }
    mysql_free_result($result);               // free the result set
}
// Close the database connection
Looking at the code above: once the code and the number of pages grow, developers tend to forget to filter the data coming in from the URL when they pick it up through the $_GET variable. It happens to me too. From that point your website's information can easily be stolen. If you write mysql_real_escape_string(trim($_GET['newsId'])); instead, the data arriving from the URL is sanitised, so when it does not match what is in the database the query reports exactly that, and your site is already protected.
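To make the difference concrete, here is an added example (not code from the original post) that runs the same newsId lookup three ways against an in-memory SQLite database, so it works offline: the unfiltered version from the post, the escaped version the post recommends (PDO::quote() standing in for mysql_real_escape_string()), and a prepared statement. The table name is the post's; the rows and the two test inputs are constructed for the demo.

```php
<?php
// Added example, not code from the original post: the newsId lookup written
// three ways and run against an in-memory SQLite database so it works
// offline. The table name matches the post; the rows are constructed.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE tblnews (newsId INTEGER PRIMARY KEY, title TEXT)');
$db->exec("INSERT INTO tblnews (newsId, title) VALUES (1, 'first'), (2, 'second'), (4, 'fourth')");

// 1. As in the post: the URL parameter is pasted straight into the SQL text.
function fetchNewsVulnerable(PDO $db, string $newsId): array
{
    $query = "SELECT title FROM tblnews WHERE newsId = '$newsId'";
    return $db->query($query)->fetchAll(PDO::FETCH_COLUMN);
}

// 2. The fix the post recommends. PDO::quote() plays the role of
//    mysql_real_escape_string() here and adds the surrounding quotes itself.
function fetchNewsEscaped(PDO $db, string $newsId): array
{
    $safe  = $db->quote(trim($newsId));
    $query = "SELECT title FROM tblnews WHERE newsId = $safe";
    return $db->query($query)->fetchAll(PDO::FETCH_COLUMN);
}

// 3. Prepared statement: the value is bound separately and never becomes
//    part of the SQL text, so there is nothing left to escape.
function fetchNewsPrepared(PDO $db, string $newsId): array
{
    $stmt = $db->prepare('SELECT title FROM tblnews WHERE newsId = :id');
    $stmt->execute([':id' => trim($newsId)]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

$normal  = '4';
$hostile = "4' OR '1'='1";   // the apostrophe case from the post, extended to a tautology

foreach (['fetchNewsVulnerable', 'fetchNewsEscaped', 'fetchNewsPrepared'] as $fn) {
    printf("%-19s normal=%s hostile=%s\n", $fn,
        json_encode($fn($db, $normal)), json_encode($fn($db, $hostile)));
}
```

With the first function the hostile value turns the WHERE clause into newsId = '4' OR '1'='1' and every row comes back; the escaped and prepared versions return only the row for 4 on normal input and nothing on the hostile one. Note that escaping only helps because the value sits inside quotes in the SQL text; for a numeric column, an (int) cast or a prepared statement is the safer habit.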

I have written before on planet.com.mm about Denial of Service / Distributed Denial of Service attacks, under the title "About DoS, DDoS and Zombies":
http://www.planet.com.mm/forums/index.cfm/linkpage/topic/forum_id/85/Topic_Id/101741/page/1

As for how to defend, I have not yet found a method that protects one hundred percent. Every DoS tool that has appeared recently uses IP spoofing. Briefly: IP works at Layer 3 of the OSI model, and every IP packet has two parts, a header and the data. The header carries the sender's and receiver's IP addresses along with other information. IP spoofing simply means the source IP address (the sender) is swapped for a fake IP, changed again and again, and the packets are sent out. That is why it is hard for webmasters and web administrators to trace the real source of a DDoS attack.
There is a lot more to say; explaining IP spoofing properly means going back to TCP/IP, from there to the OSI model, and the story never ends.
So for DoS attacks that use IP spoofing, packet filtering at the router is the best defence. The other options are server configuration. Groups 1, 2 and 3, who cannot get at the web server itself, can still protect their sites; TweetyCoaster's Little Lady Baby DDoS Shield, written in PHP, is not bad either:
http://code.google.com/p/ddos-shield/

Next: in group 2 (many domains shared out of a single control panel), as soon as one site is breached, others can upload a shell and rummage through every site hosted under that cPanel. In a setup like this there is no way to defend against it. What the cPanel owner can do at that point is check the access log to see from where, when and how they got in.
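Here is an added example (not part of the original post) of what that access-log check can look like in practice: a small PHP script that parses combined-format Apache log lines and reports, with time and source IP, the two traces discussed on this page, SQL metacharacters in a query string and POST requests to PHP files that are not the site's own scripts. The log lines use documentation IP ranges and are constructed for the demo; $knownScripts is an assumed list of the site's legitimate entry points.

```php
<?php
// Added example, not part of the original post: scan an Apache access log for
// the traces the post says a cPanel owner should look for after a break-in,
// i.e. where, when and how. The log lines below are constructed for the demo,
// and $knownScripts is an assumed list of the site's own PHP entry points.
$log = <<<'LOG'
203.0.113.7 - - [20/Jun/2012:10:01:12 +0630] "GET /index.php?pageId=news&newsId=4 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [20/Jun/2012:10:01:40 +0630] "GET /index.php?pageId=news&newsId=4' HTTP/1.1" 200 1833 "-" "Mozilla/5.0"
203.0.113.7 - - [20/Jun/2012:10:03:05 +0630] "GET /index.php?pageId=news&newsId=4%27%20union%20select%201,2,3-- HTTP/1.1" 200 1902 "-" "Mozilla/5.0"
198.51.100.9 - - [20/Jun/2012:10:15:22 +0630] "POST /images/upload.php HTTP/1.1" 200 455 "-" "Mozilla/5.0"
198.51.100.9 - - [20/Jun/2012:10:15:30 +0630] "POST /images/x.php HTTP/1.1" 200 2210 "-" "Mozilla/5.0"
192.0.2.44 - - [20/Jun/2012:10:20:00 +0630] "GET /about.php HTTP/1.1" 200 3311 "-" "Mozilla/5.0"
LOG;

$knownScripts = ['/index.php', '/about.php', '/contact.php'];

// Parse combined-format lines and return one finding per suspicious request:
// SQL metacharacters in a query string, or a POST to a PHP file that is not
// one of the site's own scripts (a typical sign of an uploaded shell in use).
function scanAccessLog(string $log, array $knownScripts): array
{
    $pattern  = '/^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) (\d+)/';
    $findings = [];
    foreach (explode("\n", trim($log)) as $line) {
        if (!preg_match($pattern, $line, $m)) {
            continue;                         // not a parseable request line
        }
        $ip = $m[1]; $time = $m[2]; $method = $m[3]; $target = $m[4];
        $parts = parse_url($target);
        $path  = $parts['path'] ?? $target;
        $query = urldecode($parts['query'] ?? '');

        if ($query !== '' && preg_match('/\'|union\s+select|--/i', $query)) {
            $findings[] = "$time $ip SQL metacharacters in query string: $target";
        }
        if ($method === 'POST' && substr($path, -4) === '.php'
            && !in_array($path, $knownScripts, true)) {
            $findings[] = "$time $ip POST to unexpected script: $path";
        }
    }
    return $findings;
}

foreach (scanAccessLog($log, $knownScripts) as $finding) {
    echo $finding, "\n";
}
```

On the sample input it reports the two apostrophe/UNION probes from the first address and the two POSTs to scripts under /images/ from the second, which is exactly the "where, when and how" the post wants you to pull out of the log. On a real cPanel account, point it at the raw access log for the domain and fill $knownScripts from the files you actually deployed.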

Next, users on shared hosts get an individual cPanel each, so your cPanel cannot be entered from another cPanel the way described above. However, a great many of the hacking shells around lately use symbolic links ("symlinks"), so if your web directory's permission mode is above 750 the config files inside it can be read without much effort. To guard against this, keep your web directory (home or public_html) at mode 750 only, and protect it with .htaccess. The config looks like this:
########################################################################
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} !^www\.planetcreator\.net$ [NC]
RewriteRule ^(.*)$ http://www.planetcreator.net/$1 [L,R=301]
ErrorDocument 400 http://www.worldwidemyanmar.com/?page=security
ErrorDocument 401 http://www.worldwidemyanmar.com/?page=security
ErrorDocument 403 http://www.worldwidemyanmar.com/?page=security
ErrorDocument 404 http://www.worldwidemyanmar.com/?page=security
ErrorDocument 500 http://www.worldwidemyanmar.com/?page=security

RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR]
RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:craftbot@yahoo.com [OR]
RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR]
RewriteCond %{HTTP_USER_AGENT} ^Custo [OR]
RewriteCond %{HTTP_USER_AGENT} ^DISCo [OR]
RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [OR]
RewriteCond %{HTTP_USER_AGENT} ^eCatch [OR]
RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [OR]
RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [OR]
RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR]
RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [OR]
RewriteCond %{HTTP_USER_AGENT} ^FlashGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetRight [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [OR]
RewriteCond %{HTTP_USER_AGENT} ^GrabNet [OR]
RewriteCond %{HTTP_USER_AGENT} ^Grafula [OR]
RewriteCond %{HTTP_USER_AGENT} ^HMView [OR]
RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^InterGET [OR]
RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [OR]
RewriteCond %{HTTP_USER_AGENT} ^JetCar [OR]
RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [OR]
RewriteCond %{HTTP_USER_AGENT} ^larbin [OR]
RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [OR]
RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [OR]
RewriteCond %{HTTP_USER_AGENT} ^Navroad [OR]
RewriteCond %{HTTP_USER_AGENT} ^NearSite [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetAnts [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Octopus [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [OR]
RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [OR]
RewriteCond %{HTTP_USER_AGENT} ^pavuk [OR]
RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [OR]
RewriteCond %{HTTP_USER_AGENT} ^RealDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^ReGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [OR]
RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperBot [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Surfbot [OR]
RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [OR]
RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [OR]
RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebAuto [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebCopier [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebFetch [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebReaper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebSauger [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebStripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Wget [OR]
RewriteCond %{HTTP_USER_AGENT} ^Widow [OR]
RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [OR]
RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Zeus
RewriteRule ^.* - [F,L]

<Files .htaccess>
order allow,deny
deny from all
</Files>

Options All -Indexes
########################################################################
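The 750 recommendation above is easy to state and easy to drift away from as files get uploaded through FTP or a CMS, so here is an added example (not from the original post) of a PHP script that audits a web directory for anything looser than 750 on directories and 640 on files. It builds a throw-away sample tree under the system temp directory, with constructed paths and deliberately loose modes, so it runs anywhere.

```php
<?php
// Added example, not part of the original post: audit a web directory for
// permission modes looser than the 750 (directories) / 640 (files) the post
// recommends. It builds a throw-away sample tree under the system temp
// directory so it runs anywhere; the paths and modes are constructed.

function buildSampleTree(): string
{
    $root = sys_get_temp_dir() . '/perm_audit_' . bin2hex(random_bytes(4));
    mkdir("$root/public_html/includes", 0750, true);
    file_put_contents("$root/public_html/index.php", "<?php echo 'hello';\n");
    file_put_contents("$root/public_html/includes/config.php", "<?php \$dbpass = 'secret';\n");
    file_put_contents("$root/public_html/.htaccess", "Options -Indexes\n");
    chmod("$root/public_html", 0755);                     // too open: world can traverse
    chmod("$root/public_html/includes", 0750);
    chmod("$root/public_html/index.php", 0640);
    chmod("$root/public_html/.htaccess", 0640);
    chmod("$root/public_html/includes/config.php", 0644); // too open: world-readable secrets
    return $root;
}

// Return [path => octal mode] for the directory itself and every entry below
// it whose mode grants group-write or anything at all to "other" (mask 0027).
function findLoosePermissions(string $dir): array
{
    $loose = [];
    $check = function (string $path) use (&$loose): void {
        $mode = fileperms($path) & 0777;
        if ($mode & 0027) {
            $loose[$path] = sprintf('%04o', $mode);
        }
    };
    $check($dir);
    $it = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($dir, FilesystemIterator::SKIP_DOTS),
        RecursiveIteratorIterator::SELF_FIRST
    );
    foreach ($it as $path => $info) {
        $check($path);
    }
    return $loose;
}

$root = buildSampleTree();
foreach (findLoosePermissions("$root/public_html") as $path => $mode) {
    printf("%s  %s\n", $mode, substr($path, strlen($root)));
}
```

On the sample tree it flags public_html (0755) and includes/config.php (0644) and nothing else. Keep in mind that 750 on public_html only works when the web server process is the owner or belongs to the directory's group, which is how cPanel sets things up; on a host where that is not the case, 750 would lock the server out too, so check how your host runs PHP before tightening.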

If you want to block by IP address:
# IP deny rules (these directives apply to the whole directory)
Order Allow,Deny
Allow from all
Deny from 111.111.111.
Deny from 222.222.222.
you can specify it like that, and

you can also block by a country's IP ranges. For example, for Bangladesh:
########################################################################
<Limit GET HEAD POST>
order allow,deny
deny from 27.131.12.0/22
deny from 27.147.128.0/17
deny from 49.0.32.0/19
deny from 58.65.224.0/21
deny from 58.145.184.0/21
deny from 58.147.168.0/20
deny from 59.152.0.0/17
deny from 64.39.3.96/28
deny from 64.39.3.136/28
deny from 64.39.3.152/29
deny from 64.39.7.128/28
deny from 64.39.9.16/29
deny from 64.39.9.64/28
deny from 64.39.18.160/29
deny from 64.49.253.224/27
deny from 64.86.107.96/27
deny from 65.61.129.104/29
deny from 65.61.130.224/29
deny from 65.61.132.80/29
deny from 65.61.165.0/28
deny from 65.61.172.64/27
deny from 65.61.183.160/27
deny from 65.61.187.64/27
deny from 65.61.191.64/27
deny from 66.216.94.96/27
deny from 67.192.92.224/28
deny from 67.192.95.40/29
deny from 67.192.132.232/29
deny from 67.192.205.160/29
deny from 69.20.80.32/28
deny from 69.20.90.160/27
deny from 69.88.3.0/29
deny from 69.88.3.16/29
deny from 69.88.3.72/29
deny from 69.88.3.88/28
deny from 69.88.3.240/29
deny from 69.88.4.48/29
deny from 69.88.4.152/29
deny from 69.88.4.200/29
deny from 69.88.4.224/29
deny from 69.88.5.48/27
deny from 69.88.6.48/28
deny from 69.88.6.80/27
deny from 69.88.6.224/26
deny from 69.88.7.128/27
deny from 69.88.7.192/27
deny from 69.88.8.128/25
deny from 69.88.9.200/29
deny from 69.88.10.32/27
deny from 69.88.12.96/26
deny from 69.88.12.224/23
deny from 69.88.14.224/25
deny from 69.88.15.96/27
deny from 69.88.15.192/25
deny from 69.88.16.64/26
deny from 69.88.18.0/25
deny from 69.88.21.0/24
deny from 69.88.23.128/26
deny from 69.88.26.0/26
deny from 69.88.27.0/24
deny from 69.88.28.0/25
deny from 69.88.29.0/24
deny from 69.88.30.0/25
deny from 69.88.31.0/26
deny from 72.3.172.80/28
deny from 72.20.5.28/30
deny from 72.20.13.64/29
deny from 72.20.25.128/29
deny from 72.20.28.136/29
deny from 72.20.52.168/29
deny from 72.32.109.176/28
deny from 72.32.132.128/28
deny from 72.32.133.16/28
deny from 74.205.17.64/28
deny from 74.205.49.160/27
deny from 74.205.79.168/29
deny from 77.245.76.24/29
deny from 78.41.228.0/25
deny from 81.94.200.224/29
deny from 81.95.146.0/28
deny from 81.95.151.208/29
deny from 81.95.152.184/29
deny from 81.95.153.96/29
deny from 82.206.169.0/26
deny from 82.206.169.64/28
deny from 98.129.90.240/27
deny from 98.129.91.16/28
deny from 98.129.99.160/29
deny from 98.129.107.176/29
deny from 98.129.122.48/29
deny from 98.129.124.192/27
deny from 98.129.125.32/28
deny from 98.129.130.192/27
deny from 109.200.13.192/28
deny from 109.200.14.136/29
deny from 111.92.248.0/21
deny from 111.221.0.0/21
deny from 111.235.156.0/22
deny from 112.137.0.0/20
deny from 113.11.0.0/17
deny from 113.21.228.0/22
deny from 114.31.0.0/19
deny from 114.129.8.0/21
deny from 114.130.0.0/15
deny from 114.134.88.0/21
deny from 114.141.80.0/21
deny from 115.69.208.0/21
deny from 115.127.0.0/16
deny from 116.12.32.0/21
deny from 116.58.200.0/21
deny from 116.68.192.0/20
deny from 116.193.168.0/21
deny from 116.212.104.0/21
deny from 116.212.184.0/21
deny from 117.18.224.0/21
deny from 117.58.240.0/21
deny from 117.103.80.0/21
deny from 118.179.0.0/16
deny from 119.15.152.0/21
deny from 119.18.144.0/21
deny from 119.30.32.0/20
deny from 119.40.80.0/20
deny from 119.82.208.0/20
deny from 119.148.0.0/18
deny from 120.50.0.0/19
deny from 120.50.176.0/21
deny from 121.0.8.0/21
deny from 121.200.60.0/22
deny from 121.200.192.0/21
deny from 122.99.96.0/21
deny from 122.102.32.0/20
deny from 122.102.56.0/21
deny from 122.144.8.0/21
deny from 122.152.48.0/20
deny from 122.200.40.0/21
deny from 122.248.0.0/20
deny from 122.248.32.0/20
deny from 122.255.64.0/21
deny from 123.49.0.0/18
deny from 123.108.240.0/21
deny from 123.136.24.0/21
deny from 123.176.56.0/21
deny from 123.200.0.0/19
deny from 124.6.224.0/19
deny from 124.108.16.0/21
deny from 124.109.16.0/21
deny from 124.109.104.0/22
deny from 134.159.106.0/24
deny from 174.143.8.192/23
deny from 174.143.46.64/27
deny from 174.143.88.128/26
deny from 174.143.160.128/26
deny from 174.143.160.224/27
deny from 174.143.161.32/26
deny from 174.143.161.96/27
deny from 174.143.161.160/27
deny from 175.29.0.0/16
deny from 175.111.108.0/22
deny from 175.158.96.0/22
deny from 180.92.224.0/20
deny from 180.148.152.0/21
deny from 180.148.208.0/21
deny from 180.148.216.0/22
deny from 180.149.0.0/19
deny from 180.200.236.0/22
deny from 180.210.128.0/18
deny from 180.210.220.0/22
deny from 180.211.128.0/17
deny from 180.234.0.0/16
deny from 182.16.144.0/21
deny from 182.16.156.0/22
deny from 182.48.64.0/19
deny from 182.50.68.0/22
deny from 182.160.96.0/19
deny from 182.163.96.0/19
deny from 182.252.64.0/18
deny from 195.112.167.228/30
deny from 202.4.96.0/19
deny from 202.4.173.0/24
deny from 202.5.32.0/19
deny from 202.6.176.0/20
deny from 202.22.192.0/20
deny from 202.40.176.0/20
deny from 202.44.104.0/21
deny from 202.45.159.0/24
deny from 202.51.176.0/20
deny from 202.52.138.0/23
deny from 202.53.160.0/20
deny from 202.56.4.0/22
deny from 202.59.128.0/20
deny from 202.59.208.0/20
deny from 202.65.10.0/23
deny from 202.65.168.0/21
deny from 202.72.40.0/21
deny from 202.72.97.0/24
deny from 202.72.99.0/29
deny from 202.72.110.96/27
deny from 202.72.232.0/21
deny from 202.73.4.0/22
deny from 202.74.240.0/21
deny from 202.79.16.0/21
deny from 202.80.169.0/24
deny from 202.84.32.0/20
deny from 202.84.64.0/21
deny from 202.86.216.0/21
deny from 202.90.200.0/22
deny from 202.92.48.0/20
deny from 202.122.120.0/21
deny from 202.125.64.0/20
deny from 202.126.120.0/21
deny from 202.129.192.0/22
deny from 202.133.14.208/28
deny from 202.134.8.0/21
deny from 202.148.56.0/19
deny from 202.148.88.0/21
deny from 202.161.138.0/24
deny from 202.161.152.0/24
deny from 202.161.176.0/20
deny from 202.164.208.0/21
deny from 202.168.224.0/19
deny from 202.174.140.0/23
deny from 202.174.142.128/26
deny from 202.174.143.88/29
deny from 202.174.144.176/28
deny from 202.174.146.128/25
deny from 202.174.147.0/26
deny from 202.174.148.64/28
deny from 202.174.148.144/28
deny from 202.174.148.224/28
deny from 202.174.151.0/26
deny from 202.174.151.128/27
deny from 202.174.151.192/26
deny from 202.174.153.96/29
deny from 202.174.153.112/28
deny from 202.174.153.160/28
deny from 202.174.153.232/29
deny from 202.174.154.136/29
deny from 202.174.155.160/29
deny from 202.174.155.224/29
deny from 202.174.155.232/32
deny from 202.174.156.0/26
deny from 202.174.156.216/29
deny from 202.174.157.64/26
deny from 202.191.120.0/21
deny from 203.76.96.0/19
deny from 203.76.144.0/20
deny from 203.82.192.0/20
deny from 203.83.160.0/19
deny from 203.88.67.0/27
deny from 203.88.67.64/26
deny from 203.88.67.192/26
deny from 203.88.68.32/27
deny from 203.88.70.0/26
deny from 203.88.70.64/27
deny from 203.88.70.128/24
deny from 203.88.73.0/22
deny from 203.88.77.0/24
deny from 203.88.78.0/26
deny from 203.88.78.128/25
deny from 203.88.84.0/24
deny from 203.88.87.0/24
deny from 203.88.96.0/20
deny from 203.91.138.0/23
deny from 203.91.152.128/25
deny from 203.112.72.0/21
deny from 203.112.192.0/19
deny from 203.169.24.0/21
deny from 203.188.160.0/19
deny from 203.188.240.0/20
deny from 203.189.0.0/23
deny from 203.189.224.0/19
deny from 203.190.0.0/22
deny from 203.190.8.0/21
deny from 203.190.32.0/22
deny from 203.190.254.0/22
deny from 203.191.32.0/23
deny from 203.191.128.0/22
deny from 203.201.48.0/23
deny from 203.202.240.0/20
deny from 203.208.166.192/27
deny from 203.223.92.0/22
deny from 204.232.144.0/24
deny from 204.232.145.192/26
deny from 204.232.240.0/25
deny from 204.232.255.128/26
deny from 206.222.16.128/29
deny from 206.222.22.200/29
deny from 207.97.192.64/27
deny from 207.97.193.96/27
deny from 207.97.194.0/26
deny from 207.97.203.64/28
deny from 207.97.208.80/29
deny from 207.97.210.64/28
deny from 207.97.217.64/28
deny from 207.97.253.112/28
deny from 207.97.255.96/29
deny from 208.233.6.0/23
deny from 209.51.211.24/29
deny from 209.58.24.0/24
deny from 210.1.240.0/20
deny from 210.4.64.0/20
deny from 210.56.144.0/21
deny from 212.165.128.0/23
deny from 213.185.97.0/26
deny from 216.6.28.32/28
deny from 216.108.234.134/27
deny from 217.10.163.192/27
deny from 217.10.164.128/24
deny from 217.10.165.128/25
deny from 218.100.37.0/24
deny from 218.185.240.0/21
deny from 220.247.160.0/21
deny from 221.120.96.0/21
deny from 223.27.80.0/20
deny from 223.27.112.0/21
deny from 223.165.0.0/22
allow from all
</Limit>

########################################################################
and so on.
For Web Host Providers there is nothing special to say; it would be like showing a crocodile the water (teaching the expert). Still, they should keep the OS and management software on their web hosts continuously updated, and always keep an eye on the latest hacking and security threats (www.exploit-db.com). And install a good antivirus. Of the current hosting providers in Myanmar, MPT, YTP and MTG (not counting colo), I don't use MPT. Their customer service is very poor. A while ago when I spoke with the deputy chief engineer at the MPT office, the conversation stayed at the top and never came down to specifics... what was open on his laptop was Gmail... :D
The hosts at YTP / MTG are not bad. On the security side, testing web shell access, I found individual cPanels to be secure. As for the rest, try it yourself if you want to know... :D

Source By : https://www.facebook.com/notes/planetcreator-net/web-devmaster-%E1%80%99%E1%80%BA%E1%80%AC%E1%80%B8%E1%80%9E%E1%80%AF%E1%80%AD%E1%82%94/380420945352178
(Planet Creator)
