Many webmasters because of the use of online uncommon programs, there are loopholes can not be patched, and they do not have the ability to repair the programming or simply do not know the loophole there, after the recovery of the horse after the process of the results were soon hung ... There are a lot of people even if the application of a relatively wide range of procedures, but also may be due to the failure of timely patches or loopholes in the official has not found the horse was hung.
It's not a problem to be hung up. How can we completely eliminate the horse that is hung? Make the program perfect, without any loopholes? This possibility seemed close to 0. We can only find a way from other places.
First, let's see how the horse hangs up. First, the "hacker" will find a loophole, and then use this vulnerability to upload a backdoor to get Webshell, this upload program is generally ASP files (this article in ASP as an example, the other basically the same), Or he would create a directory with a name that looks like an ASP file and then upload a backdoor in this directory. Then the hacker will run this backdoor program, modify all the site. Asp. Htm. HTML file, add the code to the calling Trojan.
(a problem with a vulnerability in which the name looks like a directory of ASP files has previously been resolved.) Look for yourself, this article is no longer cumbersome. )
Summarize and analyze what "hacker" has done to our website:
1. Upload a file (create or modify an ASP file).
2. In the ASP and other files add the call Trojan code (modified. asp,. Htm. HTML file).
Analysis of what the "hacker" specifically did, and then analyze our own website:
1.ASP Program files generally do not need to modify or need to create a new, as long as the operation is enough.
2. The process of generating an HTML file is to delete the old HTML file with the same name under the same path, and then create a new one that is created directly if it is not.
With this in mind, let's look at the title of this article, and if you've used McAfee, you should think about what we're going to do. Right! With access rules to the "hacker" to do everything to prohibit and then put our own need to leave the permissions!
For ASP files, "Hackers" are created and modified, and we only need to read and run. So the rules are as follows:
We can disable this rule ourselves when we need to create and modify an ASP file.
For HTM, HTML files, "hacker" is modified, and we need to create, delete, read, and so on. Then the rules are as follows:
In addition, we will create a few new rules, the above image in the name of the *. HTM replaced by *. HTML, *. JS, *. CSS and other files such as these files "hackers" can not be modified to hang the horse. Disable the rule first when we need to modify the files ourselves.
After doing so, even if our website program has a loophole, it will not let the "hacker" hang on the horse!
Web site was hung in the era of horse, let McAfee come to an end you!
Think thousand Open (www.yes1000.com) original article, reprint please keep this information * * * * *
