A: Hanging horse prevention measures: 1, the user is advised to upload and maintain the Web page through FTP, try not to install the ASP upload program. 2, the ASP upload program calls must be authenticated, and only allow trusted people to use the upload program. This includes a variety of news releases, mall and forum procedures, as long as the ASP can upload files to be authenticated! 3, the ASP program Administrator user name and password to have a certain complexity, not too simple, but also pay attention to regular replacement. 4, to the regular website download ASP program, after downloading to its database name and storage path to modify, database file name also have a certain complexity. 5, to try to keep the program is the latest version. 6, do not fill the page with the background Management program landing pages link. 7, in order to prevent the program has an unknown vulnerability, you can delete the background Management Program landing page after maintenance, the next time the maintenance by FTP upload. 8, you should always back up the database and other important files. 9, daily to more maintenance, and pay attention to whether there are unknown in the space of ASP files. Remember: A sweat, a point of safety! 10, once found to be invaded, unless you can identify all Trojan files, otherwise delete all files. 11, regular site security testing, specific can use some tools online, such as the Sinesafe website horse detection Tools! Two: horse-hanging restoration measures: 1. Change the password for the account either commercially or not, the initial password is mostly admin. So the first thing you get when you get a website program is "Change your account password." Account Password don't use what you used to do before, change something special. Try to keep the alphanumeric and the symbols together. In addition, the password preferably exceeds 15 bits. If you use SQL, you should use a special account password, do not use what the admin or the like, otherwise it is easy to be invaded. 2. Create a robots.txtrobots that can effectively prevent hackers who use search engines to steal information. 3. Modify background file The first step: Modify the name of the verification file in the background. Step Two: Modify the conn.asp to prevent illegal downloads, or you can encrypt the database after you modify the conn.asp. Third Step: Modify the Acess database name, the more complex the better, you can change the directory of the data. 4. Restrict Login Background IP This method is the most effective, each virtual host user should have a function. Your IP is not fixed, you have to trouble every time change, safety first. 5. Custom 404 page and custom delivery ASP error 404 can let the hacker in bulk to find some important files in your background and check the Web page for an injection vulnerability. ASP error, you may send the message to the unknown person. 6. Carefully choose the website program to notice whether the website program itself is storedIn the loopholes, good or bad you should have a balance in my heart. 7. Careful upload vulnerability It is reported that the upload vulnerability is often the simplest is the most serious, allowing hackers or hacker to easily control your site. can prohibit uploading or restricting upload of file types. If you do not understand, you can find your website program provider. 8. Protect cookies from unauthorized access to other sites to prevent cookies from being compromised. Remember to exit the key when you close all browsers. 9. Directory permissions ask the administrator to set some important directory permissions to prevent unusual access. If you do not give the upload directory script permissions and do not give the non-upload directory to write rights. 10. Self-test now in the online hack tool a bunch, not to find some to test your site is OK. 11. Routine maintenance A. Regularly back up data. It is best to back up the backup files once a day and delete the backup files on the host after downloading them. B. Periodically change the name of the database and the administrator's account. C. Use Web or FTP management to view all directory volumes, last modified time and number of files, check if there are any exceptions to the file, and see if there are any unusual accounts. Website is hanging horse is generally a Web site program is a loophole or server security can not meet the target by the illegal hacker attack and hanging horse.
Have the condition to recommend to seek professional to do website security sine security to do security maintenance. To prevent websites from being hacked, prevent websites from being hung up and prevent websites from being hacked!
5. Package Packers to prevent hackers from decompile
9. Backstage uses the intelligent path, prevents the hacker to visit the backstage
How to prevent the website from being hacked, how to prevent the website from being hanged, how to prevent the website from being invaded?