EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

Attacks on Newly Registered Content Management Websites – A Comparison

Marko Niinimaki, John Lawrence, Kitichai Chanyalikit and Veli Pajula
Additional contact information
Marko Niinimaki: Webster University Thailand, Bangkok, Thailand
John Lawrence: Webster University Thailand, Bangkok, Thailand
Kitichai Chanyalikit: Webster University Thailand, Bangkok, Thailand
Veli Pajula: University Consortium of Seinajoki, Seinajoki, Finland

International Journal of Technology and Engineering Studies, 2020, vol. 6, issue 1, 1-7

Abstract: Web Content Management Systems (CMSs) are tools for creating and maintaining commercial-quality websites. Their popularity has increased, but so has their complexity and the number of third-party modules. These, however, increase the risk of vulnerabilities. This paper presents a case study of hacker/intrusion activities on CMS websites. We study how much of the incoming traffic is potentially malicious and where it originates from. Additionally, we study if CMS’s based on different CMS software attract different kinds of traffic. To implement our study, we have registered and launched three virtual websites (running on the same computer). Each site runs its own popular CMS software, but their content is identical (a weblog with a simple template). The sites run for six months on a platform of a commercial web hosting provider. Our methodology is empirical, and our analysis is based on logging every HTTP request that was sent to the sites. This was done using the logging capabilities of the webserver software, Apache. We compare the sites with each other, with an established website, and an empty website. Our analysis shows that more than 90% of all traffic to the websites (both old and new) is potentially malicious. Further, we find that a large majority of the intrusion attempts are very unsophisticated: they do not try to exploit any specific vulnerabilities of the underlying CMS. Therefore, keeping the CMS up-to-date and following CMS hardening practices is enough to repel these attacks.

Keywords: Website security; website intrusion; computer security; web site CMS (search for similar items in EconPapers)
Date: 2020
References: View references in EconPapers View complete reference list from CitEc
Citations:

Downloads: (external link)
https://kkgpublications.com/technology-engineering-studies-volume-6-issue-1/ (application/pdf)
https://kkgpublications.com/wp-content/uploads/2020/11/ijtes.6.10001-1.pdf (text/html)

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:apa:ijtess:2020:p:1-7

DOI: 10.20469/ijtes.6.10001-1

Access Statistics for this article

International Journal of Technology and Engineering Studies is currently edited by PROF.IR.DR.Mohid Jailani Mohd Nor

More articles in International Journal of Technology and Engineering Studies from PROF.IR.DR.Mohid Jailani Mohd Nor Calle Alarcon 66, Sant Adrian De Besos 08930, Barcelona Spain.
Bibliographic data for series maintained by PROF.IR.DR.Mohid Jailani Mohd Nor ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-03-19
Handle: RePEc:apa:ijtess:2020:p:1-7