To learn to calmly face the website is hacked

In this misery of the Internet battlefield, many webmasters have encountered the same industry malicious attacks, hacking and so on security threats to the problem bar. Small part of course is no exception, do optimization for more than two years, interrupted by the hacker also struggled with the hackers for more than two years, from the initial hand to the present stride, let the small series teach you how to calm the site is black bar.

First of all, we all know, met the site is black, the first time is to first put someone else malicious embed code or something to remove, and then to slowly find the server or space loopholes to fill these loopholes to prevent the next attack, and how to find your server vulnerability, This is to see how hackers get into your site, each server will have a log of the site, generally save time is within one months, you can put these web logs out analysis. Analyze when hackers come to your server, what channels and what tricks come to your site. Log this is important, which is the key to our analysis of Web site vulnerabilities.

　　

The second step is what I'm going to say. How to deal with hacked pages and information! be black pages and information do not blindly to recover, to delete. Sometimes a cunning hacker will embed hidden asp/php programs in your website, and you can delete this information blindly, you will find that you can't find the place to start. What we are going to do is to find the root of the hacker in our server or the virtual host, and only by uprooting can we solve the problem fundamentally. In general, security hooks and other security software can be used for code cleanup and sweep, thoroughly detect the presence of the site space attack code. and use antivirus software to find the virus after the site is not busy to delete, generally compared with the mind of the hacker will not simply leave a backdoor, take my site, my station is PHP I deleted a virus, originally thought to be peaceful. Unexpectedly after 1 weeks, the virus has appeared, this is to eat a loss your wit ah. The right thing to do is to see the virus inside the site. Look at the modification time of the virus, then the site root directory of other changes similar to the virus basically will be suspected.

Find out the other side of the virus and back door, the next can be in our first step of the site log in the back door for the keyword, find out the relevant IP segment, through this IP segment to analyze how hackers are attacking the site. Understand each other's detailed intrusion process. Because after all, only vulnerable hackers will use your loopholes to leave the back door to your server to tamper with. Now we have identified the location of the vulnerability, to update or repair the vulnerability in a timely manner. Then the hacker left behind the virus and the back door to kill, to achieve the fundamental meaning of the killing.

The last is to modify all the website, server, FTP and other file transfer software password, and I recommend the best to modify the server port, Super Administrator password. After all, be careful to sail the boat. And we get that IP, the site was invaded by the log analysis, submitted to the local network police. The next thing to the network police to deal with it.

Do the above, I believe the face of the server site is black. We have been able to get the soldiers to block the punches.

To learn to calmly face the website is hacked