Security team talk about Web server security settings Tips

Hi, I'm A5 security group Jack, I'm going to talk to you today about Web server security related issues.

In fact, in terms of server and site security settings, although I have some experience, but there is no research, so I do this lecture today when the heart is very uncomfortable, always afraid to say wrong will be mistaken for other people's things, there are wrong places also please point out, today is all about the exchange. Perhaps you have a security master or a master of destruction to see what I said would be ridiculed or secretly pleased, but I think my experience is still there are many right place, there are tens of thousands of people than I know or need someone to provide these experience and information. Oh

Now almost a part of the webmaster have their own servers, some people also use http://www.aliyun.com/zixun/aggregation/14840.html "> virtual host or a rental server." For now in the use of virtual hosting and rental of some of the webmaster may be in the server security considerations are relatively few, because there is a strong IDC technology in support, as long as the use of their own web site procedures to understand a little more, pay more attention to the official release of the program news and vulnerability patches hint, Timely upgrade procedures to hit the latest patch on the security has been 80%, the official patch is released to us free of charge, if the bug patch can not be hit in time, then the site was black the possibility of almost 80%, so that the program must be timely hit the patch. The second is the virtual Host Management account password and FTP account password, background landing path address and administrator account password settings, this may be a lot of people sometimes easy to ignore, but because the negligence of the password set is too simple or did not change the default account password, background path caused by the site is black or a small number of webmaster.

Now there are a lot of fool-like hacker tools, a person who knows a little computer technology can get started, for some FTP account password and Web site background password Simple site can be a lot of access to the account password, direct landing ftp or backstage to get Webshell, So generally in the FTP account password to be timely after the modification as far as possible more complex the better. Site in the installation after the timely deletion of installation files to modify the background path and login password is necessary to do, do not bother, perhaps your small operation will give you a great site security, negligence, lucky psychology will only bring great security risks to the site, Because an intrusion is looking for a hole in your mind that you're ignoring.

All right, okay. For Web site security using a virtual host I'll talk about this a little bit, and let's focus on the security settings for standalone Web servers.

Recently met several stationmaster to ask me for help, looked at the situation are almost, because the early only to get the Web site, the security of the server awareness and technical prevention is not enough so that the entire server has been hacker control, the server on all sites are hung horse, are good tens of thousands of flow of the site, this consequence is very serious. In the server configuration site and environment when the security is not taken into account, just in order to allow their own site to access the normal, so the entire server's permissions are almost everyone permissions in operation. Such a server can not be black purely accidental. Below we to the current mainstream server system WIN2003 to give you some relevant security configuration and prevention of information, I hope to help you. I'll write it in a few chunks.

Operating system Configuration

1. Install the operating system (NTFS partition), installed anti-virus software, I chose is Kabbah.

2. Install system patches. (Microsoft released every patch must be played, because many Trojans are specific vulnerabilities can be performed) scan vulnerabilities comprehensive antivirus

3. Remove Windows Server 2003 default share

Start by writing a batch file with the following contents:

@echo off

NET share C $/del

NET share d$/del

NET share e$/del

NET share f$/del

NET share admin/del

The file name is Delshare.bat and is placed in the startup key, and the share is automatically deleted each time it is powered on.

4. Disable IPC connections

Open cmd and enter the following command to connect: NET use\\ip\ipc$ "password" supplied: "Usernqme". We can disable the IPC connection by modifying the registry. Open Registry Editor. Locate the RestrictAnonymous subkey in the following build HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa, and change its value to 1 to disable the IPC connection.