Platform attacks
Overview
Platform attacks target the system on which the website runs. If an
attacker can compromise the underlying system, then he may be able to leverage
this to gain complete control of the website.
What makes a site vulnerable?
A site may be at risk of platform attacks if it runs on a vulnerable
or poorly configured platform (OS, web server, etc.). If the software on which
the website depends can be compromised, then the attacker may be able to use
that vulnerable software as a path to attack the website.
Impact of the attack
In a successful platform attack, the attacker may be able to take
control of a particular piece of software, or even the entire server (e.g. if
he is able to run arbitrary code on the server’s OS). This may allow him to
take complete control of any website hosted on that server (perhaps including yours...).
Preventing the attack
The attack can be prevented, to some degree, by securing, or where
possible isolating from the website, the software comprising the platform. This
includes the OS, the web server (tips on securing Apache), the database server,
other websites, and other applications on the server. At a minimum these
components should have the latest security patches applied on a regular basis.
They should also be assessed to determine whether they are necessary, or whether
more secure alternatives exist. Their configurations should also be reviewed to
ensure that they are configured for the maximum practical level of security.
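
One way to automate part of the web server configuration review described above, as an added example that is not from the original page: a small Python audit of an Apache httpd configuration. The baseline directives, the `directives` and `audit` helpers and the sample configuration are assumptions chosen for this example.

```python
# Added example. The baseline below is an assumption of this example, not a
# complete hardening standard: name -> (httpd default, accepted values, risk).
BASELINE = {
    "servertokens": ("full", {"prod", "productonly"},
                     "Server header discloses version and OS details"),
    "serversignature": ("off", {"off"},
                        "server-generated pages disclose the version"),
    "traceenable": ("on", {"off"}, "HTTP TRACE method is enabled"),
}

def directives(conf_text):
    """Yield (line_no, name, value), skipping comments and <Section> tags."""
    for line_no, raw in enumerate(conf_text.splitlines(), 1):
        parts = raw.strip().split(None, 1)
        if not parts or parts[0][0] in "#<":
            continue
        yield line_no, parts[0].lower(), parts[1] if len(parts) > 1 else ""

def audit(conf_text):
    """Return sorted (line_no, directive, risk); line_no None = default in use.

    Simplification: contexts are flattened, the last occurrence wins.
    """
    effective = {n: (None, default) for n, (default, _, _) in BASELINE.items()}
    findings = []
    for line_no, name, value in directives(conf_text):
        if name in BASELINE:
            effective[name] = (line_no, value.strip().lower())
        elif name == "options":
            # "Indexes"/"+Indexes"/"All" turn listings on; "-Indexes" does not.
            flags = {f.lower().lstrip("+") for f in value.split()}
            if flags & {"indexes", "all"}:
                findings.append((line_no, name, "directory listing enabled"))
    for name, (line_no, value) in effective.items():
        if value not in BASELINE[name][1]:
            findings.append((line_no, name, BASELINE[name][2]))
    return sorted(findings, key=lambda f: (f[0] or 0, f[1]))

# Constructed sample input, not a real server's configuration.
SAMPLE_CONF = """\
ServerTokens OS
ServerSignature Off
<Directory "/var/www/html">
    Options Indexes FollowSymLinks
</Directory>
"""

if __name__ == "__main__":
    for line_no, name, risk in audit(SAMPLE_CONF):
        print(f"line {line_no or 'unset'}: {name}: {risk}")
```

A finding with no line number means the directive is not set and the httpd default applies, so the fix is to add the directive explicitly.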