Jumping the server is an act of cyber criminals in stealing information and performing scanning / locating files within the web server content.
Generally jumping server against CMS-based content such as wordpress and joomla. This weakness arises because of many reasons, including the weakness of the version of PHP 4, the lack of security web server tools, and bugs on the CMS itself.
What can be done from jumping server?
The hacker will search the config file, which in the config file will be stored database data name, database user and database password.
The config file is more familiar with the “database connection file”.
How to avoid jumping server?
Simply to avoid jumping the server is to install a professional anti virus. Where there is a sercurity web feature, examples such as Kaspersky Server Security or Avira Server Security. But it is a paid solution, usually rarely done, because it is usually more interesting if the anti virus is not paid.
From the anti-virus pay better looking for a free, generally the ITers have such jargon.
A more elegant way to look more professional is to do a little trick.
The trick used is to modify the config file. The config file will be modified in such a way that when the hacker jumps and opens the config file, he will be disappointed because in the config file there is no information what they are looking for. :LOL
Jumping server in general and outline is aimed to find config file (file connection database) to get username and password DB (Database)
Example you put web content in /var/www/html.If you use wordpress or Joomla then make / modify wp-config.php file as follows:
<? Php
/ **
* Ente HOMO yak: p
* Nge people site symlinks: v
* This education website should not be destroyed gan
* Just one word pisss .. look for another target: hihi
** /
Ini_set ("display_errors", 0);
Error_reporting (0);
Include ('/ var / www / sym-homo.php');
Define ('AUTH_KEY',
'Thadm59wnk3wxmmucut9rxgrttxfpeogtovdv25tygc0otijahsqg81keluwiegt');
Define ('SECURE_AUTH_KEY'
'Hu5dtxuruhpukph3tip2t4hcgmdbreb0ejg0vbylyrrdc0u7zann86uye6poh7es');
Define ('LOGGED_IN_KEY',
'1iclqx6onlrvm2czsxjx6bdppld2k69wyat8t8sbkbncjuhmwovtgwqvznmrbijt');
Define ('NONCE_KEY',
'8i4agtcsdqycydkqsaug2ztxhqs2nilttrrpsivadqx2ev2rcgichp9u03n4nsrl');
Define ('AUTH_SALT',
'Ogom5nc4kfknqeo5iesa9mypx0tkadprzlp8ixo3pqqq9x9ed7khgguxyxjzoxou');
Define ('SECURE_AUTH_SALT',
'Geb6dbtcn4kveneltnffxe2nepjtv0mqtob0x1vdjlfae32dkcwv0tvhq0lugpoo');
Define ('LOGGED_IN_SALT',
'O4rgbyi9hjijdydsvsf5btayqmigqnpivjftctof6tonm7mvvlgbsyvzvca9lupy');
Define ('NONCE_SALT',
'M4qfqrxwy6dwpl89wy88xkqclvredjyr3gkspjgib3vu54p14y9kggkzzy6yqutu');
Define ('WPLANG', 'en');
Define ('WP_DEBUG', false);
Define ('WP_CACHE', true);
Define ('WP_POST_REVISIONS', false);
Define ('WP_ALLOW_REPAIR', false);
Define ('WP_HOME', 'http://langit-dev.org');
Define ('WP_SITEURL', 'http://langit-dev.org');
Define ('COOKIE_DOMAIN', 'sky-dev.org');
Define ('AUTOSAVE_INTERVAL', 300);
If (! Defined ('ABSPATH'))
Define ('ABSPATH', dirname (__ FILE__). '/');
Require_once (ABSPATH. 'Wp-settings.php');
Then create in / var / www with the contents as follows:
<? Php
Ini_set ("display_errors", 0);
Error_reporting (0);
Define ('DB_NAME', 'replace-name-DB');
Define ('DB_USER', 'replace-user-DB');
Define ('DB_PASSWORD', 'replace-password-DB');
Define ('DB_HOST', 'replace-localhost-server');
Define ('DB_CHARSET', 'utf8');
Define ('DB_COLLATE', '');
$ Table_prefix = 'wp_';
?>
Added in wp-config.php only the green color and move the db confignya to sym-maho.php hopefully ente ngerti dah: D
Here is the appearance of when jumping / symlink rich beginong:
KALI_LINUX_PENTESTER 