Security software installed on the server handles ordinary SQL injection without trouble, until it runs into a CC attack. This article shows how to quickly deploy Safe Dog to deal with a CC attack.
I run several sites: one Z-blog blog, one phpwind forum and one Discuz! forum. Traffic is not high, so a VPS with 512 MB of memory is enough, and speed is normally fine.
But the sites are about network security, so they get attacked every few days. Fortunately, most of it is scanning and probing; a security monitoring tool detected as many as 80,000 attack attempts in a single day. With ordinary security software in place, attacks such as SQL injection are not a problem, until a CC attack comes along.
The first symptom was w3wp.exe, whose CPU usage went from 30% to 100%.
At first I thought it was a problem with the program or the database. I checked the program on the VPS and found no tampering, then compacted the .mdb database, but that had no effect. At this point I felt I was under attack, so I downloaded analysis software and found that a large number of requests were going to catalog.asp of the Z-blog blog program, carrying multiple parameters. This file can read tags, and my site has a lot of tags, so frequent queries inevitably cause a sharp drop in performance.
The execution time of catalog.asp (there are actually a few such files, but this one is the most obvious) had reached an intolerable level!
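The kind of log analysis described above, as an added example that is not from the original article: a Python script that reads IIS W3C-format log lines and flags any client sending more than a set number of requests per minute to one URL, together with the average time-taken per URL. The log lines, addresses, query parameters and the 30-per-minute limit are constructed for illustration.

```python
from collections import Counter, defaultdict

def parse_w3c(lines):
    """Yield one dict per request, using the column order from the #Fields directive."""
    fields = []
    for line in lines:
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            parts = line.split()
            if len(parts) == len(fields):  # skip truncated or malformed rows
                yield dict(zip(fields, parts))

def find_floods(lines, per_minute_limit=30):
    """Return (flagged, avg_ms).

    flagged maps (client IP, URL, minute) to its hit count when above the limit;
    avg_ms maps each URL to its mean time-taken in milliseconds.
    """
    hits = Counter()
    durations = defaultdict(list)
    for r in parse_w3c(lines):
        uri = r["cs-uri-stem"].lower()          # IIS paths are case-insensitive
        minute = r["date"] + " " + r["time"][:5]
        hits[(r["c-ip"], uri, minute)] += 1
        if r.get("time-taken", "").isdigit():
            durations[uri].append(int(r["time-taken"]))
    flagged = {k: n for k, n in hits.items() if n > per_minute_limit}
    avg_ms = {uri: sum(v) / len(v) for uri, v in durations.items()}
    return flagged, avg_ms

# Constructed sample: one client hitting catalog.asp 45 times in a minute with
# changing parameters, plus a normal visitor. Addresses are documentation ranges.
HEADER = "#Fields: date time cs-method cs-uri-stem cs-uri-query c-ip sc-status time-taken"
SAMPLE = [HEADER]
SAMPLE += [f"2024-01-01 10:00:{s:02d} GET /catalog.asp tags=t{s}&page={s} 203.0.113.7 200 4000"
           for s in range(45)]
SAMPLE += [f"2024-01-01 10:00:{s:02d} GET /default.asp - 198.51.100.20 200 120"
           for s in range(0, 60, 20)]
SAMPLE.append("2024-01-01 10:00:59 GET /catalog.asp")  # truncated row, ignored

if __name__ == "__main__":
    flagged, avg_ms = find_floods(SAMPLE)
    for (ip, uri, minute), n in sorted(flagged.items()):
        print(f"{minute} {ip} {uri}: {n} requests/min, avg {avg_ms[uri]:.0f} ms")
```

Grouping by client and URL rather than by full query string matters here, because each request carries different parameters and would otherwise look unique.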
I thought about deleting or renaming catalog.asp and the other files, but that does not solve the problem. The loss of traffic and functionality caused by deleting the file is unacceptable to me, and the attacker could simply attack the renamed file instead.
In fact, against this kind of attack, what can be done by hand is very limited!
I found several security protection products. Most were not good at preventing CC attacks: not completely ineffective, but with only a limited defensive effect. So in the end I installed Safe Dog!
Safe Dog comes in 2 versions: Server Security Dog and Website Security Dog. The former mainly protects the server, while the latter mainly protects the web server. For web servers, it is recommended to install both.
In Server Security Dog, turn on the DDoS protection function.
In Website Security Dog, turn on CC attack protection.
After that, CPU usage on the server came down. It still spikes momentarily, but browsing the site is no longer affected, so the goal has been achieved.
Looking at the two products, they have quite a lot of features:
Server Security Dog: system vulnerability repair, registry optimization, junk cleanup, account security protection, Remote Desktop protection, application guarding, system resource guarding, scheduled operations, DDoS firewall, ARP firewall, network monitoring, IP firewall, email alerts, etc.
Website Security Dog: web Trojan scan, active defense (SQL injection protection), hotlink protection for site resources, site-specific resource protection, CC attack protection, multithreaded download control, IP blacklist and whitelist.
Both Safe Dog products are very user-friendly to install and configure; deployment is basically a matter of clicking "Next". They make system hardening and web security protection convenient, and are well suited to individual webmasters and IDCs.