April 9, 2020
Playbook for website defacement
Website defacement by adversaries is very common type of attack.
- The mitigation depends on the kind of deployment capabilities you have.
- A maintenance page is key to communicate you are down and are putting in all efforts to get back soon.
- Ensure the intruder is blocked and restore the latest possible backup.
For SQL injection please refer https://playbooks.flexibleir.com/playbook-for-sql-injection/
The following considerations could help.
- Consider usage of AWS WAF