Personal website to be hanged for horse solution

Intermediary transaction http://www.aliyun.com/zixun/aggregation/6858.html ">seo diagnose Taobao guest cloud host technology Hall

Do stand friends have had the site was hanging horse experience, to tell you the truth, I am very disgusted with this behavior, because my website money-making Guide (melejia.com) opened less than 2 months, it was found hanging horse, it took me a night to clear the Trojan, and tired and gas. Then was hanged two times, fortunately has the experience, does not need to spend how much time to do well. For the site was Hung horse, I think the best way or "prevention" mainly, the best use of the station system (I use the move easy), continue to follow the requirements of the patch to prevent loopholes, as well as the background password as far as possible to set up a complex, computer systems to strengthen, such as the installation of Trojan Horse software, anti-virus software (I use 360 security guards). Anyway, there is a network of Trojans, virus programs are endless, webmasters should be very careful! The following is the webmaster method of solving the horse (only for the dynamic system):

The dynamic system of the Trojan has a comprehensive solution

If you find that your site has been recruited (most of the performance is inserted into the IFRAME code, the first page or each of the pages), you can refer to the following methods to deal with:

1, to play the latest security patches!!!。

2, compare easy to all the files, find out more files, download the backup immediately (for analysis) and then delete from the site! If the file size and date are inconsistent, edit the file to see if there are any bad code. Hackers prefer to put bad code in conn.asp and config.asp. If it is found, delete it first. Recently also found that a lot of Trojan code is inserted into the JS file, the proposed direct use of the original JS directory to cover the site's JS directory. Then on the drive the official newest file replaces. Conn.asp upload, remember to modify the database path correctly.

3, see all the Jpg,gif file name, usually found with ASP file name, download the backup immediately (for analysis) and then remove from the site! (Hackers prefer to admin/image/...) This kind of place hides the Trojan horse, once had a stationmaster's station to be people in this directory to establish an. asp's directory, inside again put a jpg trojan file.

4, the above 2, 3 steps is to check the Trojan program files, completed, it should check the background template. First of all, of course, immediately modify the administrator password (you can move your template description will be able to enter your background), and then check the station log whether there is an illegal landing or the log was deleted, and then in the template management, with the search for replacement template method, query your site page is inserted in the IFRAME

5, stop all of the site upload function, check all member name, found with ASP (including *.asa, *.CDX, *.cer), all deleted (please own discretion, in order to site security, loss point also no way), at the same time, in the site selection problem that set prohibit registration: ASP such members.

6, if your site's database using the default Database/powereasy2006.mdb database path and file name, please change now!

7, after landing the Web page a blank processing method, with the corresponding version of the original Admin folder to cover your management directory files, and the directory of the more out of the file deleted. If the background menu bar is not open, please upload the file/js/prototype.js.

8, landing when prompted to verify that the code is not correct, the general performance of the verification code more underlined. Please overwrite the images folder on the root directory of your Web site with the original dynamic file for the fix file and the/inc/checkcode.asp file.

9, it is best to regenerate all the HTML files and all the JS files.

10, the above methods have tried not to, then back up the database, and then delete the entire station, and then upload.

The following is: A program offered by Rhongsheng:

-------------------

1. Modify the 94 lines in the/inc/checklist.asp file, where you add or InStr (Iname, ".") > 0. The code is registered to restrict the registered user name to include ".". or in which the restriction includes "ASP" or InStr (Iname, "ASP") > 0. can be limited together. After my test, the eval backdoor execution procedure can not be used after the restriction.

------------------

The above methods for reference, there are more measures will be further improved.

In addition, it is necessary to add:

1. Dynamic system with the "No registered user name" in even if added. asp|asp| restrictions can still be registered, so in order to prevent accidents, it is proposed to temporarily close the registration of members, or according to the above temporary amendments to the scheme temporarily resolved.

2. If your site's database uses the default Database/powereasy2006.mdb database path and filename, please change it now!

I wish your station every day peace, flow continuously!

Author Information: The founder of the Antique, website money-making Guide (www.melejia.com). To see the author more articles please search "website to make money." The qq:402249719 of the author's old Fashioned.