When I looked at McAfee's logs today, I stumbled across that you could only block the IIS process from creating and modifying ASP files (This article takes an ASP file as an example, and other program settings are basically the same), so we use other methods (such as modifying directly on the server, modifying via FTP ...). Modifying ASP files will not be affected. In this way, this rule can intercept illegal operation without affecting the normal use. Rules See figure:
In this way, without affecting the normal use of the case to sever the hacker upload Trojan do bad things possible. This method can be used for anyone, but also suitable for the host to install the server to their own virtual host, to ensure that users on the server site security.
Basically, after this set up even if the site has any loopholes, the site will not be uploaded Trojan hanging illegal code, or the site was deleted, modified.
One thing to note: Because this rule will prevent the IIS process from modifying any. asp files, if your site uses an Access database, use this rule to modify the database to a different suffix name.
If you are a host, then you need to tell your users that you cannot change the database suffix to ASP. Otherwise the database will not be writable.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
