Let McAfee end the era of website Trojans

Many webmasters use uncommon online Program The vulnerability cannot be patched, and the vulnerability cannot be fixed without the programming capability, or the vulnerability is unknown. After being infected with a Trojan, the program will be restored and the program will be suspended soon ...... Many people, even if they are using a widely used program, may be infected because they have not been patched in time or the vulnerability has not been officially discovered.

It is not a task to get stuck. How can we completely eliminate Trojans? Making the program perfect without any vulnerabilities? This possibility seems to be close to 0. We can only find a solution from other places.

First, let's take a look at how the horse got mounted. First, the hacker will find a vulnerability and then use it to upload a backdoor program to obtain webshell. The uploaded program is generally an ASP file (this document uses ASP as an example, or, it creates a directory with a name that looks like an ASP file and uploads a backdoor program in the directory. Then the hacker runs the backdoor program, modifies all the. asp,. htm,. html files on the website, and calls the TrojanCodeAdd.

(A solution has been issued for the vulnerability in directories whose names look like ASP files. Find it by yourself. This article is no longer cumbersome .)

Summarize and analyze what hackers have done to our website:
1. uploaded a file (created or modified an ASP file ).
2. Add the trojan code (modified the. asp,. htm, And. html files) to files such as ASP ).

After analyzing what hackers have done, let's analyze our website:
1. ASP program files do not need to be modified or created, as long as they are run.
2. The process of generating an HTML file is to first Delete the old HTML file with the same name in the same path, and then create a new one. If it does not exist, create it directly.

After analyzing these points, let's look at the title of this article. If McAfee is used, you should think about how we do it? Yes! You can use access rules to deny all operations performed by hackers and leave the permissions we need!

For ASP files, "hackers" create and modify, and we only need to read and run the files. The rules are as follows:

We can disable this rule when creating and modifying ASP files.

For htm and HTML files, "hackers" modify them, and we need to create, delete, and read them. The rules are as follows:

In addition, we will create several new rules to put *. change HTM *. HTML ,*. JS ,*. CSS and other files so that these files "hackers" will not be able to modify the Trojan. Disable the rules when we need to modify these files.

After doing so, even if our website programs have vulnerabilities, they will not mount the "hacker!
In the age of website Trojans, let McAfee end you! * ***** Original Qiqian kai (www.yes1000.com)Article, Reprinted, please keep this information *****