How hacker hack the website or computer

Here are some of the steps that you can take to protect your website.

how hackers hack the websites? How hackers hack the computers?

Type of hacking for computers is entirely different to that of website. In case of websites the following type of security issues lead to website hacking. Note that these can affect single website alone or the cluster of websites hosted on the server.

1. XSS Cross Site Scripting In this type of security attack, the websites pages URL request are forged. And this way often the user data is compromised. For example some website has login dashboard page and if there XSS issue in that page's script then it'd result in authentication details being compromised.

2. SQL Injection Most common type of security attack on social network websites or the small websites with insecure web forms. This type of attack adds the additional sql query inside the web form request. Web form could be harmless like contact form or some login info. It is used to gain access to the SQL database and then to further run scripts that may damage website or server.

3. DDOS Attack Another security hack that leads to the website becoming unresponsive. If continued this attack leads to web-server going down. Usually these attacks are taken care of at server level. But they do exist to date and makes it really hard for many websites and servers to bypass such attacks.

4. Authentication & Session attack These sort of attack require some script from the browser to be run while executing the session which traps the users. This can be serious issue and often the websites will reset password and even ask for SMS authentication to verify the users.

There are few other types of common security attacks like clickjacking, DNS cache flaw, URL hijack, script overwriting and others. The most common security flaws that affect every website are listed above. So make sure any CMS that you use can stand against these four.

How to avoid them? What are the steps or measures to be taken to avoid our blog or website or computer from getting hacked?

Some of the website security issues can be patched from the server level. Some of the security issues however require you to take steps on your end.

1. Update your CMS if you're using WordPress, Joomla or any other script.
2. If your server still has old PHP version, then don't forget to update it.
3. Update your back-end database version and apply the security patches as it comes.
4. Use complicated and long passwords. Make sure you use symbol, numbers and letters combination.
5. Make sure your web forms are secure so that you have no sql injection issue.
6. Use HTTPS if your website uses any login system or money transfer or credit card system.
7. Use cloudflare or server level DNS protection for DDOS attacks.
8. If you are using any language specific feature (say php or rails or python) that has security issue, make sure to update with patch.

These are some of the common steps that you can take to avoid getting hacked.

Is it https platform secure for such act?

HTTPS is a protocol that makes sure that the GET and POST request made from user side are encrypted. So it makes sure that your content is secure to and from server.
You can apply HTTPS to your website if you use "Let's encrypt" certificate. Most of the cpanel hosts offer this free service on their hosting account.

Hackers employ various means to hack into the vulnerable computers.
Malicious programs
Hackers use programs that log keystrokes that the user makes each time he uses the computer. Once the program is installed on to your computer, the hackers get entry into whatever you have been doing with your device.

Hacking passwords
Getting to know the passwords is the ultimate goal of any hacker. They use intelligent guesses to achieve this. There are some advanced methods to hack into one's passwords. There are algorithms that generate a combination of characters and symbols. This kind of attack is referred to as Brute Force Attack.

Backdoor entries
Hackers use programs that look for the vulnerabilities in a computer system. They can also infect a computer with a Trojan Horse to gain access to it without the need for user name or password.

Zombie computers
Hackers also create zombie computers that send the innocuous code to the victims computer. Once the victim executes the code, hackers get instant access to the victim's computer.

Denial of service attack
The victim's computer is crippled by this type of attack by directing flase traffic to it. Thus, the victim's computer goes unresponsive and is unable to get the traffic.

Hijacked ads
Hackers place safe looking ads that have the malicious code within. Gullible users who click on the ads unknowingly execute the code and provide access to their computers. They can purchase the ads directly or hijack someone else's ads.

Fake software
There are some software applications that are disguised as legitimate tools, but actually are fake and contain the infections. One should pay attention while installing the new software applications and make it a point to get them from legitimate and official sources.

To stay safe from hacking attempts on your system, you can follow the simple steps.

• Good password safety is the foremost way to stay safe. Use a password that is hard to crack. Use at least eight characters interspersed with small letters, capitals, symbols and numbers.
• Do not use your login credentials on a public computer. While using banking transactions, prefer a cellular data and the official banking app.
• Use VPN when you are using a public WiFi.
• Beware of phishing attacks. A hacker can send you a mail purportedly coming from your bank. You should note that no banking institution will ask you click on an attachment to update your credentials. They will let you do it on the official webpage or through the official app.

Is HTTPS safe?
Well, the HTTPS protocol can help you in avoiding the MITM - Man In The Middle attack. However, it cannot stop a hacker from hacking into your website. The hacker will be able to exploit the vulnerabilities that your system nay be having whether or not you use HTTPS. However, it could be a good idea to opt for HTTPS.

There were many ways to hack the website. Hackers always choose the low security websites which could be controlled easily by them.

Cross Site Scripting
It is an easy way to find a site which has less security so that anyone can easily post their comments in the site. They will create their own post with some codes which will get all the data which anyone tries to post by clicking. Next step they try to create and post cookie catcher so that they can access your cookies by making you to click on the post. If they collect your cookies, they can access your site and can make miscellaneous access. Finally they will post their cookie catcher with their post. This will catch the data and send it to your site. Once the data had been collected, they will access your information easily.

Injection Attacks
In this method too, hackers try to search less security sites which they can access through their admin login. They try to login your administrator as admin. They put any name as username and use sql codes for breaking the password. Once this process is done, it takes some time to go on. It may be successful or may throw an error message. If it is successful, they start using your site and bring them into their control.

Things to be learnt for success
Learn what and all are all possible in this world. Hackers know at-least two programming language in-order to gain their knowledge in handling websites. Programs like SQL, Perl, Python and Java are the best for this purpose. To hack websites most probably you need to have knowledge on HTML and java scripts. This could help you handle any sort of websites. Hacking doesn't mean only hacking other's site. It also helps to protect your own site. You can also use hacking for good reasons rather than negative intentions.