πŸ›‘
Xavfsizlik

Sayt xavfsizligi: 10 ta amaliy qadam

12.07.2025
← Barcha maqolalar

Sayt himoyasi β€” bir martalik ish emas, jarayon. 10 ta majburiy qadam:

1. HTTPS hamma joyda

Let's Encrypt bepul. .htaccess'da 301 redirect http β†’ https. HSTS header: Strict-Transport-Security: max-age=31536000.

2. Kuchli parollar

16+ belgi, password manager (Bitwarden bepul). Bir xil parol turli saytlarda β€” ASLO.

3. 2FA admin uchun

Google Authenticator yoki YubiKey. Telegram bot ham mumkin.

4. Yangilab turish

OS, PHP, web server, framework, plugin'lar. Auto-update yoq. CVE monitor β€” yangi xavf chiqsa darhol xabar.

5. Firewall

Server: ufw, iptables. CDN: Cloudflare WAF. Application: ModSecurity.

6. SQL injection himoya

Prepared statements (PDO). String concatenation YOPMA. ORM ishlatish (Eloquent, Doctrine).

7. XSS himoya

Output escape β€” htmlspecialchars. CSP header. HttpOnly cookies. SameSite=Strict.

8. CSRF tokens

Har formada hidden CSRF token. SameSite cookies. Laravel @csrf, Symfony FormType.

9. Rate limiting

Login: 5 attempts/minute. API: 60 req/minute. Cloudflare yoki nginx limit_req.

10. Backup va monitoring

Kunlik backup, S3/external. Log monitoring β€” Sentry, NewRelic. Anomaly detection β€” odatdan tashqari trafik xabar bersin.

Audit

1 yilda 1 marta professional pentest. OWASP ZAP, Burp Suite β€” open source skanerlar.

Xodimlar β€” eng zaif zveno

Phishing email β€” eng tarqalgan vektor. Xodimlarga security training. "Bu email haqiqatdan menimi?" β€” har doim tekshirish.

Incident response plan

Hujum bo'lsa β€” kim qiladi nima? Backup qachon va qaerda? Foydalanuvchilarga qanday xabar? Yozma plan tayyor bo'lsin.

Sayt.uz amaliyot

HTTPS, HSTS, CSP, 2FA, Cloudflare WAF, fail2ban, kunlik backup, audit log. 2024'da hujum harakatlari bo'ldi, lekin biron buzilish yo'q.

O'xshash maqolalar

πŸ” Parol menejerlar β€” Bitwarden, 1Password, LastPass va KeePass tanlovi 🍯 Honeypot β€” formada yashirin maydon, botlarni ushlaydi va spamni to'xtatadi πŸ“„ /.well-known/security.txt β€” xavfsizlik bo'yicha bog'lanish standart πŸ“‹ GDPR moslik β€” Yevropa ma'lumotlarini himoya qilish majburiyatlari
🌐 Til
πŸ‡ΊπŸ‡Ώ O'zbek βœ“ πŸ‡ΊπŸ‡Ώ ЎзбСк πŸ‡·πŸ‡Ί Русский πŸ‡¬πŸ‡§ English