Websites are classified as network security. Therefore, attacks against websites are also classified as attacks. Fortunately, most of the time it was scanning and stepping on the site, there were 80 thousand million attempts to use a security monitoring software to detect the most attacks a day ......
However, due to security software installed, General SQL injection and other attacks are still okay-until CC attacks occur.
The initial manifestation is that w3wp.exe consumes CPU resources, from 30% to 100%.
At first, I thought it was a program or database problem. I checked the program on VPS and found it was not tampered with. mdb database was compressed, but it didn't work. At this time, I felt like an attack ......
So I downloaded the analysis software. chouwazi.com found that a large number of requests were for the catalog of the Z-Blog program. asp submits multiple parameters. This file can read tags, and many tags exist on my website. Therefore, frequent queries will inevitably result in a sharp decline in performance.
Figure 2:
As you can see, the execution speed of the catalog. asp file (in fact there are several, but this file is the most obvious) has reached an intolerable level!
I tried to delete or rename files such as catalog. asp: but the problem cannot be solved. I cannot accept the traffic loss and functional loss caused by the deletion of this file. Attackers can still use the renamed file to launch attacks. Chouwazi.com
In fact, what you can do with such attacks is very limited!
I have found several security protection software, and most of them are not very effective against CC attacks. I cannot say it is completely ineffective, but it has only limited defensive effects. So I finally installed a safe dog!
Dongle is divided into two versions: Server dongle and website dongle. The former focuses on server security, while the latter focuses on WEB server security. Chouwazi.com is recommended for two Web servers.
Enable DDoS protection for the server dongle:
Enable CC attack protection on the website security dog:
Then ...... Yes, just like I thought, the CPU usage of the server has come down. Although the website will be occupied too high in an instant, the browsing of the website will not be affected and the purpose has been achieved
From stinky so's blog
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
