Jack, talk about server and database network security settings lectures

Now on the server and Web site security issues, we can not ignore, this is from the webmaster recently a problem, but also one of the biggest problem, in a timely manner to prevent, will be more secure. Deliberately sorted out what Jack said this afternoon about server security.

Let's start with the lecture, and I think it's more appropriate to talk about the experience.

Hello everyone, I am A5 security group Jack, today to communicate with you about Web server security related issues.

In fact, in terms of server and site security settings, although I have some experience, but there is no research, so I do this lecture today when the heart is very uncomfortable, always afraid to say wrong will be mistaken for other people's things, there are wrong places also please point out, today is all about the exchange. Perhaps you have a security master or a master of destruction to see what I said would be ridiculed or secretly pleased, but I think my experience is still there are many right place, there are tens of thousands of people than I know or need someone to provide these experience and information. Oh

Now almost a part of the webmaster have their own servers, some people also use http://www.aliyun.com/zixun/aggregation/14840.html "> virtual host or a rental server." For now in the use of virtual hosting and rental of some of the webmaster may be in the server security considerations are relatively few, because there is a strong IDC technology in support, as long as the use of their own web site procedures to understand a little more, pay more attention to the official release of the program news and vulnerability patches hint, Timely upgrade procedures to hit the latest patch on the security has been 80%, the official patch is released to us free of charge, if the bug patch can not be hit in time, then the site was black the possibility of almost 80%, so that the program must be timely hit the patch. The second is the virtual Host Management account password and FTP account password, background landing path address and administrator account password settings, this may be a lot of people sometimes easy to ignore, but because the negligence of the password set is too simple or did not change the default account password, background path caused by the site is black or a small number of webmaster.

Now there are a lot of fool-like hacker tools, a person who knows a little computer technology can get started, for some FTP account password and Web site background password Simple site can be a lot of access to the account password, direct landing ftp or backstage to get Webshell, So generally in the FTP account password to be timely after the modification as far as possible more complex the better. Site in the installation after the timely deletion of installation files to modify the background path and login password is necessary to do, do not bother, perhaps your small operation will give you a great site security, negligence, lucky psychology will only bring great security risks to the site, because an intrusion to find Is that you are neglected to drill holes that you don't notice.

All right, okay. For Web site security using a virtual host I'll talk about this a little bit, and let's focus on the security settings for standalone Web servers.

Recently met several stationmaster to ask me for help, looked at the situation are almost, because the early only to get the Web site, the security of the server awareness and technical prevention is not enough so that the entire server has been hacker control, the server on all sites are hung horse, are good tens of thousands of flow of the site, this consequence is very serious. In the server configuration site and environment when the security is not taken into account, just in order to allow their own site to access the normal, so the entire server's permissions are almost everyone permissions in operation. Such a server can not be black purely accidental. Below we to the current mainstream server system WIN2003 to give you some relevant security configuration and prevention of information, I hope to help you. I'll write it in a few chunks.