1

During the development of a site, me and the team decided to develop the site with my computer as a server, with me making my localhost available from outside. I have been using several settings to try protecting the site while in development, for example by adding password to XAMPP, phpMyAdmin, but recently one of the team members said to me that when he visited the site a day ago, some content on a .php page on the site (images and text sections) has been altered.

When I took a look at the site everything was like it was before, not a single character in the source code had been altered as far as I could tell. Also, the DB is intact and nothing else has happened since.

My question now is: what can I do to assure myself that the server has not been hacked into, and what can I do to secure myself from threats of this kind in the future?

user3026192
  • 11
  • 1

1 Answers1

3

It's very hard to be have assurance there is no malware present on your server. There are indicators of compromise, but considering you probably didn't log anything remotely and did not have controls in place to prevent unauthorized alteration, it's very hard to rely on your system.

Some recommendations (from the perspective that you are on a very limited budget):

  • Use external version control like git (keep it seperate from your test server)
  • Don't host your development environment on the internet, there's no reason to expose it to the internet, use VPN or SSH tunneling to access the server
  • Log all access remotely, log file alterations on the file systems where you believe you are hosting critical data
  • Use HIDS to detect violations
Lucas Kauffman
  • 54,169
  • 17
  • 112
  • 196
  • Thank you for your answer.But if I configure XAMPP and other components correctly, is it safe to host from it in production mode? Or are there better alternatives? – user3026192 Apr 09 '15 at 14:02
  • Is there any changes between the OSs? I mean, would having the server on Ubuntu or similar be safer than on Windows? – user3026192 Apr 09 '15 at 14:21
  • XAMPP isn't known for its reliability, or for having the latest secure/safe versions of packages. A vagrant VM you can ssh into and run the relevant package update command on would be safer and closer to the production environment – Tom J Nowell Apr 09 '15 at 15:11
  • Xampp is not meant for production use – Lucas Kauffman Apr 09 '15 at 15:27