I know securing any website is a very tough and broad topic to be discussed upon but i want to relate this question to my specific website which i've been working on. It was coded in php by some other programmer around 2004 and i am responsible for it's management. My problem is it's being hacked time and again. I have noticed following things when it's been hacked.
.htaccessfile has been modified
config.phpfiles were modified
I have worked on the code, it has been properly escaped and i think there is no probability of sql injection. Since most of the problem is related to files and permission i have a doubt about the server security but due to the reason that it was coded around 2004 surely it will lack some security, so what other things do i need work upon in my code to prevent my site being hacked for above mentioned problems?
Thanks in advance.
Since files have been modified, this is unlikely due to SQL injection bugs.
Possibilities to get to the files:
Now since you say the website is from 2004, it could be that it uses
eval for templating or
include for things like
site.php?section=foo and then include
foo.php in the code somewhere which were both done frequently back in 2004. So I'd do a quick file search for eval and the regex
include(.*\$.*) as well as
require(.*\$.*). Those are prime suspects depending on how they were used.
Someone probably has direct access to the server, rather than to (a) script(s) in particular. This doesn't sound like a security issue having its origin in the codebase.
You might wanna consider moving the entire site to another provider if this has happened time and time again. Start over somewhere else, with fresh passwords, access control, etc.
OWASP top 10 is very good read. Some guesses of mine.
My advice to you is:
That's it;) This will enhance your security a lot, but experienced attackers are tough.