Q

Learning from the MySQL.com hack: How to stop website redirects

Learn how to stop website redirects put in place by malicious hackers, and how to prevent attacks like the MySQL.com hack.


Hackers recently took control of Oracle's MySQL.com and installed JavaScript code on the site that redirected visitors and attacked their systems with a BlackHole exploit kit. Is there any way to prevent websites from automatically redirecting?

In a bold attack earlier this year, malicious attackers were able to plant malware on Oracle Corp.'s MySQL.com website so visitors would become infected simply by visiting the site's homepage. Upon visiting the site, users' browsers were automatically instructed to load JavaScript redirects to third-party URLs that served up dangerous malware.

You can block JavaScript redirects on the client side with browser plug-ins like NoScript, or by disabling JavaScript in the browser. A more general browser security tool, such as one included in a host intrusion-prevention system (HIPS) or antimalware suite, may also be able to block JavaScript redirects. You could also use a Web proxy and potentially block redirects from the network.

Unfortunately, disabling JavaScript won't stop all website redirects, only script-driven ones like the one used in the MySQL.com hack. A Web server can be configured to redirect webpages by issuing an HTTP 3xx redirect response that sends a browser to a different website. There is even an HTML meta-refresh tag that can generate a redirect. However, many popular websites now perform URL shortening, which is a form of redirection, so you may want to evaluate whether blocking redirection is worth the effort given the functionality trade-off.

If your endpoints are hardened against malware attacks, website redirects pose minimal information security risk and should not significantly increase the number of malware infections.

This was first published in November 2011
