Reasons and solutions for your website being hacked

Your website is hacked for the following reasons:

1. Your customer's websiteCodeThis vulnerability is caused by a security vulnerability.

If most users' websites on your server are normal and only a small number of users' websites are hacked
Is there a problem with your website code hacked by a small number of users, resulting in security vulnerabilities?
. There is no way to solve this problem, and it is not your responsibility.

Analysis description:

1) As we all know, "virtual host provider" applies to each of its VM users
FSO file operation permissions are assigned.
Any file that is modified or uploaded at will. If your user does not protect your score
The legitimate permissions assigned to them allow hackers to take advantage of them.
The website is damaged by the Legal permissions you provide to your users, but your Users recognize
This hacker intrusion is not caused by him, but by you, and you have heard of you
The user may mistakenly think that the problem is caused by a problem in his or her system.
It is caused by your own users.

For example, your users use some insecureProgram(For example, "dongwang Forum ").
The code design of the program itself has vulnerabilities, which are easily exploited by hackers to upload webpages.
Hackers can manipulate webpage Trojans and use the legitimate permissions assigned to users.
Damage your user data and modify webpage files, and even cause the website to be completely
Cannot open. These methods are the most common "the customer's website code has problems, exist
Security vulnerabilities ".

2) When your customer's website is hacked, you do not need to worry about it.
Intrusion will not affect the normal operation of your server, nor affect your
Other Websites on the server are normal customers, because you only need to install
The servers on the virtual host management platform] are protected securely.
Permission of each VM user activated on the [off-star virtual host management platform]
Limits are independent and strictly restricted, and each virtual host user cannot
When files of other virtual host users are used, hackers intrude into one of the virtual
And there is no way to destroy other virtual hosts. Therefore, you can rest assured
Your server is secure.

3) when your user's website is hacked, you only need to tell your user truthfully that this is his/her own
You cannot solve problems with your website code. Because this is not
You may not be able to help him redesign the Code with security issues because
You are not their programmer and are not obligated to do such a thing for your customers
You have modified the webpage code and made security settings.

4). If your customer has backed up the website, you can recommend that the customer rebuild the website.
And then upload it again to restore the Website access.

Bytes -----------------------------------------------------------------------------------------------------------------

2. Your server is infiltrated.

When virus code is added to all user websites on your server, and this virus generation
The code can be found in the original file on the server, which indicates that your server is intruded.
.

Cause: your server is intruded, indicating that the security settings on your server are not in accordance with the [Star
External virtual host management platform] "security video tutorial" requirements to set, will be exported
As a result, the original files on your server have been rewritten by hackers, resulting in a network of all your users.
The website is intruded.

Solution:

We recommend that you reinstall the system and install
The video tutorial requires you to reset the security of your server.
To eliminate security vulnerabilities on your servers.

Bytes -----------------------------------------------------------------------------------------------------------------

3. It is caused by ARP virus in the IDC where your server is located.

When virus code is added to all user websites on your server, and this virus generation
The "cannot be found" in the original file on the server indicates the data center of your server.
Caused by ARP virus.

For specific causes and solutions, refer to the followingArticleTo understand and solve the problem:
Http://www.jb51.net/article/13510.htm