Ultimate website anti-hacker Method

As an old webmaster and an old webmaster who has been operating with hackers for many years, today I will also talk about my experience in preventing the website from being hacked. Hackers are not terrible. What's terrible is that they don't know how to prevent hackers !!!
1. Set strict permissions.
Only write and read permissions are granted to the uploaded directory, and execution permissions are not allowed.
Each website uses an independent user name and password, and the permission is set to Guest.
Command: net localgroup users myweb/del
Set MSSQL, Apache, and MySQL to run with the Guest permission: enter service. msc in the running state, select the corresponding service, and run it with the Guest permission account.

Ii. Prevent SQL Injection
In the past, the general anti-injection module was used to compete with hackers for many times. I understand that the general anti-injection module is useless. If someone CC my website, the general anti-injection module will kill my website !!

Using a dedicated Web application firewall is a wise choice. The number of hardware firewalls is several hundred thousand. I don't have that much money, so it's not something that our guys can use. I still like to use the free software "xunxun website firewall". The Standard Edition can be registered for free.

3. Prevent zero-day IIS 6.0 attacks
One of 0 days:
IIS is a fatal injury. Many websites are infiltrated by hackers like this: hackers create a website named aaa. asp Directory, and then in aaa. put an image trojan in the asp Directory, and hackers access aaa. asp/xxx.jpg can access the Trojan.
0day 2:
A hacker uploads files such as aaa. asp; bbb and jpg to the server. This is not jpg. IIS 6 will be truncated at the semicolon, and jpg will be executed as asp.

Solution 1: when encoding, prohibit the directory from containing "." And the file name ."
Solution 2: If the website already has too many users and you cannot modify the code, you can consider the aforementioned xunxun website firewall.

Iv. Detection of hacker attack traces
1. shift backdoor Detection:
Remotely connect to MySQL 3389 and press Shift for five consecutive times. If the sticky key menu is not displayed, a backdoor is installed. In Windows folder, search for sethc.exe and delete it.
2. view the Document and Settings directory
If folders of suspicious users are found, they are hacked.

5. Delete dangerous components
1. Delete Wscript
Regsvr32/u C: windowsSystem32wshom. ocx
Del C: windowsSystem32wshom. ocx
Regsvr32/u C: windowssystem32shell32. dll
Del C: windowssystem32shell32. dll
2. Delete MSSQL dangerous stored procedures
Ms SQL SERVER2000
Log on to the query analyzer using a system account
Run the following script
Use master
Exec sp_dropextendedproc xp_cmdshell
Exec sp_dropextendedproc xp_enumgroups
Exec sp_dropextendedproc xp_loginconfig
Exec sp_dropextendedproc xp_enumerrorlogs
Exec sp_dropextendedproc xp_getfiledetails
Exec sp_dropextendedproc Sp_OACreate
Exec sp_dropextendedproc Sp_OADestroy
Exec sp_dropextendedproc Sp_OAGetErrorInfo
Exec sp_dropextendedproc Sp_OAGetProperty
Exec sp_dropextendedproc Sp_OAMethod
Exec sp_dropextendedproc Sp_OASetProperty
Exec sp_dropextendedproc Sp_OAStop
Exec sp_dropextendedproc xp_regaddmultistring
Exec sp_dropextendedproc xp_regdeletekey
Exec sp_dropextendedproc xp_regdeletevalue
Exec sp_dropextendedproc xp_regenumvalues
Exec sp_dropextendedproc xp_regremovemultistring
Exec sp_dropextendedproc xp_regwrite
Drop procedure sp_makewebtask
Go
Delete all dangerous extensions.
Exec sp_dropextendedproc xp_cmdshell [after this extension is deleted, the database cannot be remotely connected]
The following three stored procedures will be used when SQL SERVER recovers the backup. Do not delete them unless necessary.
# Exec sp_dropextendedproc xp_dirtree [after you delete this extension, you cannot create or attach a database]
# Exec sp_dropextendedproc Xp_regread [restore the database after deleting this extension]
# Exec sp_dropextendedproc xp_fixeddrives [the database cannot be restored after this extension is deleted]

Today, I want to help the majority of webmasters!