Posted May 15, 2011on:
Cyber world is uncertain world. Security is need of people in this world. For website administrator, the term of backdoor was not uncommon listened. Backdoor for some implementation is very usefull. So what meanings of backdoor?
A backdoor in a computer system (or cryptosystem or algorithm) is a method of bypassing normal authentication, securing remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected. The backdoor may take the form of an installed program or may subvert the system through a rootkit. (Wikipedia)
Also called a trapdoor. An undocumented way of gaining access to a program, online service or an entire computer system. The backdoor is written by the programmer who creates the code for the program. It is often only known by the programmer. A backdoor is a potential security risk. (Webopedia)
Like two sides of coin, Backdoor has advantages and disadvantages. The advantages from backdoor that has been planted in website are administrator can check his website without must login into the website cpanel (control panel). Beside that, website administrator can reset his website’s password if his password has been reseted by hacker, or he can upload and backup his website instantly without login into the cpanel page or administrator page.
In the other site, backdoor has many disadvantages because for illegal person (black hacker / cracker) can use backdoor for access website that has been planted into the target website. Backdoor can be weapon for destroy website target easly. With backdoor, black hacker can change the admnistrator password, index.php view (deface), till load many illegal application into your website without login into your cpanel page.
So, website administrator besides has backdoor in his website, the website administrator must always check his website constantly from backdoor installing by black hacker. And administrator must know how black hacker can install his backdoor into the his website. at least, there are two reasons why illegal person can access our website then install backdoor into the our website. The first, there is a bug in our website. Bug is gap from an application. Bug usually is be marked with ERROR page in our application (ex : website). Bug is very dangerous because with one bug, hacker can penetration test our webiste so, the worst is our website is hacked by hacker. Almost bug is found with testing. There are many ways to execution of bugs like sqli, lfi, rfi, etc. The second, security server is cause of attacking happened. With unsecure of our website server, it can make our website be target. And many website hacked by this accident (server isn’t good).
So, be careful. There is not guarantee for 100% security.