GreatWebScripts.com Well Designed Scripts for the Busy WebMaster

HackerTrap™ Site Monitor (v 1.2) Updated 18 January 2008

HackerTrap gives you a proactive tool to fight off hackers, spammers, and rippers BEFORE they take over your site! With its intuitive, easy-to-use interface the webmaster can monitor suspicious activities from site visitors and kick them out before they take you down. And the same tool provides a pleasant nudge to those who accidentally enter the wrong URL, keeping them viewing your site instead of moving on. HackerTrap stands guard 24x7.


ScreenShots Customized Not Found [404] Error Page Customized Not Found [404] Error Page

Admin Setup Display Setup Display

Active Log Display Active Log Display

Abuse Report  Display Abuse Report

Overview

Compromised systems. Identify theft. Hostile users. Software bugs. Misconfigured systems. Phishing schemes. The Internet today is a scary place!


It's common knowledge today that “script kiddies” are on the Internet, probing YOUR site for vulnerabilities. They use scripts and programs developed by others, without knowing what they are or how they work, for the purpose of breaking into computer accounts and files, and for launching attacks. Script kiddies enjoy cracking any website they can, just to prove their “superiority” in the underground hacker community. Their methodology is very simple. Scan the Internet for a weakness, and then exploit it.


Many admins are not monitoring their systems and do not even realize they are being scanned. Many scanners quietly look for one system they can exploit and then use it as a launching pad. From it they can boldly scan the entire Internet without fear of retribution. If their scans are detected, the system admin of the exploited system will be held liable. And once your site is known to be vulnerable, your address is shared around the whole gang.


Their scripts check which software applications and versions you have installed and then exploit their security weaknesses. They work by blasting your site with multiple requests for the applications and checking which get a response. The IPs of the responding systems are stored in a database for later exploitation. They aren’t storming your specific system, but are scanning thousands of computers looking for vulnerable targets before initiating an attack. So don’t take is personal: they’re not targeting you, just looking for the weakest mark.


Even if you don’t run a vulnerable application, the response from your system provides useful information. The error response from your server indicates which Webserver software is running, the port used, and the software version. That’s valuable information for someone trying to break in!


Look for yourself. Check your server logs. See the 404 entry for “cmd.exe”? That’s a request to start a Windows Command terminal. See the entry for “../../.passwd”? Somebody trying to read the root password file. How about “/nonexistentfile” or “/sumthin”? They’re intentionally generating a missed page to read information about your web server to be compared against a list of known weaknesses.


Hackers have used these tried-and-true methods for years to gain backdoor access to sites, but you no longer have to take it!. HackerTrap is a website guardian that gives you back control over your own site! You determine who can view your pages and who is blocked. You define Forbidden Pages so that when a hacker probes your site, it becomes a “third rail” and he’s booted out before he even gets started. HackerTrap does its work by modifying the Apache .htaccess file, so it only works on sites running the Apache Webserver software.


With HackerTrap you specify which applications you DON’T run. Then when a hacker shotguns your site looking for weaknesses, one of those probes will fail and BAM, he’s immediately locked out and can’t get near you! You also define what the response looks like, and do not provide any information about your webserver software that can be used against you.


You may have heard a common problem with blocking by IP address is that many ISPs use a farm where the user’s IP changes for each request, so banning a single IP doesn't help anything. HackerTrap handles this by wildcarding the IP when it is blocked -- by default the last octet of the IP -- to minimize the “collateral damage”. How much of the IP to wildcard is user customizable.


Another common problem is that IP addresses change dynamically, so tomorrow the blocked IP belongs to an innocent surfer. HackerTrap puts an expiration date on each IP it blocks (default 30 days) that removes the address if no future probes are detected. Each probe from that IP resets the 30 day clock so a problem IP is never allowed access. The administrator can adjust the timeout parameter, or remove it entirely to create a never-ending block.


An additional benefit of HackerTrap is it allows you to customize your Not Found and Forbidden Error Pages. Studies show most websurfers will not make an additional effort to find a page if they encounter a 404 error. By customizing your error page, you keep those potential customers browsing your site.


Active Log now puts even more power at your fingertips. Think of it as an audit log on steroids. View your site data on your own terms with Search and Sort capabilities. See just who is probing your site, and what they're looking for. Instead of the logs being a passive display of who attacked you, you press a button for an offending visitor and instantly he’s gone, unable to access your site again. Someone probing your site in a unique way? Push the button and add his probe to the forbidden pages, and now he’s gone too. As the hackers and bots change their tactics, you can instantly keep up!!


You can block misbehaving / misconfigured download rippers from stealing your site. Any bot that intentionally misuses the robots.txt file (a search engine standard) or the "nofollow" attribute (another standard) can be booted out.


You can use HackerTrap to do as much site security as you need and feel comfortable with. You can use it simply as a .htaccess file editor, or allow it to monitor your site with its extensive audit log capabilities, or fully automate it to trap and evict unwanted guests. Initially just allow it to monitor your site to prove itself, and then turn on its full power to protect you!


HackerTrap is installed with our world-class 15-Minute installer program via an FTP client and web browser. No need to edit any files -- let the installer guide you on what to do. Several installation tests verify the installation is correct and operational before you leave.


New for v1.2

Want to slap the hackers, and do the rest of us a favor too? HackerTrap can now format an Incident Report (Abuse Report) for you detailing the activities of a hacker. HackerTrap traces the IP back as far it can to find the responsible party for the source -- generally the Internet Service Provider (ISP). It takes two clicks to generate - one to produce the report, and another for you to approve it.


New for v1.2

Want to see who an attacking IP Address belongs to or where it comes from? Now just a button press away, HackerTrap links to a Regional Internet Registry (RIR) (or supply your own) to identify the source address.


New for v1.2

Blocking an IP Address or Hack just got easier. Now a popup box allows you to specify exactly what you're protecting against, and supply a note so you know exactly why you did it.


Features

Customizations

The following list details the supported ways to customize the script to your site -- all done via the Admin Control Panel.

Requirements

Please ensure your site hosting meets these minimum requirements before purchasing the script!


Installation/User Guide:  (HTML)   (PDF)

Revision History:   (HTML)

Security Product Developers: Contact us for API documentation and details on how to interface your application to HackerTrap



Download your FREE Evaluation Copy Now!

Enter Store to Purchase       Download Evaluation Copy