The tragedy caused to Seoer after the server was attacked and repaired

Intermediary transaction http://www.aliyun.com/zixun/aggregation/6858.html ">seo diagnose Taobao guest cloud host technology Hall

A few days ago, the company's server, suddenly "big disease" a, after inspection, found that the recent popular Php-dos attack, I believe that we all have knowledge of the PHP dos. It has two kinds of performance, one is the flow of constant inflow, there is a constant flow of outflow. The server has a problem, we are the most anxious, customers they just want to see the results of their own site can be normal operation, the customer is constantly a miserable call. Hearing the customer's words, this heart is anxious, and hate. No resistance, have to endure, who let us to do the service industry.

The server is Php-dos attack, the problem is in the PHP program loophole was exploited by hackers, thus launched a php-dos attack. The server continues to outsource, traffic in 100M (see Figure 1). The engine room froze my server directly, so I made a new defrost application and after a few hours, thawed out. This thought so solved, can not think of is remote how also can not enter, at this time found himself has been scrambling, the original technology is not high, I went to the internet everywhere to find some success stories. The data indicates that IIS will be shut down and then remote. I then submitted the shutdown IIS application, closed, into the remote is indeed able to enter, can enter the table in the time, on the blue screen. I thought, "God, this is not playing me." Also apply for the room to restart the server. After several setbacks, remote finally into the, go in directly to the PHP program loopholes. The code of these vulnerabilities, of course, is not my own research, I am just a grassroots administrator, a step all from the Internet, with my disease-linked people summed up the processing experience. Alas, Emperor, the attack was finally taken care of. Website everything is OK.

(Figure 1) data to be outsourced

Dos attack problem resolved, the thought is not going to happen again, but everything is difficult, the third day, the server was CC attack, so I took the CC attack problem, directly on Baidu search. There are too many search results. CC attack, it is also belong to a small part of the Php-dos attack, originally thought very simple, after the process of the brothers to do down, observed, I server with the WINDOWS2003+IIS6+PHP+MYSQL,W3WP is the process of IIS, into the degree is a hurricane, Occupy the cpu100%, the website opens the speed is extremely slow. The result jumps out a window, the content is English, the translation is the system error information (because now the server reload the system, the concrete what English I also can not remember clearly). Look at this situation, can only reload the system, the reload system is not said to install, now our server needs to all the disk format, so as to the server in the full processing of the poison. Server within the site, data, public has more than 30 g, the server for the entire rental, not our company, deal with trouble, let the server headquarters to help us back up, they said not allowed, since we pay, they also told us No. This what the world, as long as the bitter yourself, download it. Anyway to install the system, then put a thunderbolt bar, so load fast, but the fact is not and I imagined, the Thunder How to install all is the display error. There is no way, on the founding machine, with FTP download bar, dozen packaging, load transmission on the day I spent two days and nights, bitter I stayed in the company for two days and nights.

Until today, the server to get things done, the morning also occurred a little problem, the MySQL process, the w3wp process continues to rise, CPU use again on the 100%. MySQL process issues, good news on the Internet, I follow the operation, completed. W3wp because of last operation, it is unknown. But as I finished, I found that the CPU usage did not drop, so I restarted the IIS and restarted that, and CPU usage dropped from 100% to 1%. I think it should be a site out of the question, so I put the server from the thought that the program will have problems in a few sites to stop running, the result was I was right, and sure enough I put one of the stops after the CPU utilization rate dropped, I opened, and then Rose. This station is a PHP program, the database has a dot error caused. I immediately restarted the service pool, and the server was all right.

Server Normal, I check whether the site has been K, after all so many days, the site is not normal. After the search, the interesting picture is now in front of my eyes (see Figure 2), the site's snapshot back to the file to March 21, 2003, it is amazing. In 03, the station did not know where it was. The ranking of the website is still alive. In this case, I think it should be caused by spiders too frequently. However, this situation, no relationship, as long as the content of the updated site, as long as included, tomorrow will be able to recover.

(Figure 2)

The above is I want to share with you, in this I told everyone, the server in the installation of PHP environment, we must pay attention to the security policy must be. Otherwise there is a problem, trouble oneself, bitter also or oneself. This to the customer have to confess, otherwise the word of mouth is too bad. If the company does not have a good knowledge of the server, it is best to find a professional service server industry to maintain, spend some money, we are less careful. It's worth it. Otherwise, you will regret it. Due to the limited ability of personal expression, but I also try to make friends can read every word I say, as well as the center of the article. Finally also want to know more, more senior practitioners: Hangzhou Art Training (http://www.art2009.cn) SEO professional consultant Chamvin. Reprint please detail source OH. Thank you!