Is the user's virtual host hacked and is the server unsafe?

Source: Internet
Author: User
Tags file upload access database

Is the user's virtual host hacked and is the server unsafe?

Each virtual host user has FSO permissions (FSO popular explanation is that the user has the right to read and write and full control of the space), that is, the user was uploaded the ASP program, with the FSO want to do anything it can do. For example, some unsafe forum programs, are uploaded to execute the ASP program, you can take away or erase the content of a user.

A virtual host of a Trojan horse can only operate on this space, is not able to operate other people's space, also can not control the server. This is for sure.

We can not replace the user to design his own web site program, what you could do is, in the virtual host management using the lock upload function, the use of the function does not execute permissions, can help users without technical basis to improve the security of his program. Here are the specific reasons and how to set them up:

1, why the space will be black and after the black processing method

The user's host is hacked (poisoned or modified code or website program is downloaded directly by people, etc.) there are generally two possibilities:

1.FTP password is too simple, such as you set the password to a simple password such as 123456,china,red, such as a very simple password or your FTP name and password is the same, such a password will be in the short term by some malicious people to search, landing your FTP, Put the Trojan in your site program (the state is when everyone visits your site prompts for a virus) or delete all your sites.

The solution is: completely delete all the data in FTP, the FTP password to modify the more complex, such as modified into jkgraweihrfweu such a rule-free password, while ensuring that your FTP name and your FTP password is not the same, upload clean site.

2. Your Web site program is not safe or there would have been loopholes or Trojan programs, such as your site may be random from the Internet directly used to download, you have not checked for loopholes or Trojans and so on, the solution is: if you know more about the program, please check the program code, If you are not familiar with the Web site program, we recommend that you do not use the download from the Internet program, we recommend that you download some well-known sites of mature programs such as Discuz Forum, New Yun, dynamic, etc. or to buy a well-known site of the business process (need to constantly see whether the official site has new patches, Otherwise, the program will be black, and you must modify the default admin username and password for this kind of Web site program, and if it is the Access database Web site program, you must also modify the default database path and database name.

The solution is: completely delete all the information in FTP, upload clean site, to ensure that the site program without loopholes or Trojans.

3. Use this site to provide the Set Write permission function, will your entire space lock write function, and then independently open a need to write the directory write permission, if you need to update the site, open Write permission, update complete, please lock write immediately, This can avoid being passed into a Trojan horse or after the introduction of Trojans can not delete your data. (See the bottom of the detailed setup method.) )

4. Use the settings provided by the site to perform permissions functions, turn off permission to upload directories in your site or directories that do not need to execute code, such as the forum's upload directory and avatar directory or picture catalogue, often used to upload trojans, black The forum, you should remove these easily exploited directory code execution permissions, So even if you are introduced to the Trojan, can not be implemented, if you open an upload directory, please be sure to cancel this directory to execute permissions.

2. In summary

When a Web site is running properly: space should all turn off Write permission, only a few directories that require write permission, and a directory where write permissions are reserved, you must turn off execution permissions. When the site needs to be updated: All write permissions are open, and the Write permission is turned off immediately after the update is complete.

Principles are:
1. Directory with write permission, cannot have Execute permission
2. Directory with execute permission, no write permission
This ensures the maximum security of the site

Actual example:
For example, a user space is a forum: The forum is allowed to upload attachments
Security Settings method
1, often: see the official forum There are no new patches, you must ensure that their forum procedures are the latest, otherwise set the security may also be a problem.
2, off: The entire space write permission.
3, open: File upload directory, database directory, avatar directory Write permission
4, Close: File upload directory, database directory, Avatar directory execution rights
This can maximize the security, that is: can maximize the guarantee not to be introduced to the Trojan, even if the incoming can not be executed.


3, the company's technical personnel recommendations (experience)

In all the hacked sites, more than 95% are ASP sites, and PHP site less than 3%, although from these statistics, we can not say that PHP is certainly more secure than ASP, but at least can explain the use of PHP to do the site, the chance of being black may be the least, so the company technicians suggest, if possible , please try to use PHP to do the website (download PHP written web site program)

Note: The above suggestions for the program master is not suitable, because any one language, as long as the experts to check the loopholes, and the Web site to run the process, day-to-day management to keep pace, relatively safe, contrary to security procedures, as long as not management, always have been black day.

The following is a specific procedure for setting write permissions and performing permissions

1. Set Execution Permissions

This feature cancels asp/php/asp the specified directory. NET execution permissions.

Log in using your username and password (click on the following steps)
(1) Self-service management--host management--management under Operation--[Set Execute permissions]--Enter the directory where you want to cancel execution permissions---Point to cancel this directory to perform the ASP, and so on.
(2) A directory that has been removed from execution can restore the execution rights of this directory.
(3)Note: The directory that is being canceled does not execute code, and the FSO feature is closed.

2. Set Write permission

This feature makes it important for security to turn off write permission for the specified directory (only read permission has no write permission). For example, you can place access in a directory with Write permissions (modify the database connection file first, set the database path), and close the write of the web directory so that the ASP Trojan cannot upload at all. When the entire Web site is locked, you can also set the specified directory individually with write access.

Log in using your username and password (click on the following steps)
(1) Self-service management--host management--operation management--[set Write permission]--the Write permission to close the site.
When the entire Web site is locked, you can also set the specified directory individually with write access. Enter the directory name you want to write to, point to open the Write permission for this directory, or turn off write access to this directory.
(2) The site that is turned off write permission can restore the Write permission of the site.
(3)Note: The site where the Write permission is closed, the subdirectory, and the FSO are also closed at the same time.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.