The following are the corresponding security dog settings and attack screenshots:
Figure 1 Opening Windows short file name Vulnerability interception
Figure 2 Windows short file name Vulnerability interception screenshot
At the same time, in the website Security Dog's protection log, the user may inquire to the corresponding protection information, the screenshot is as follows:
Figure 3 Corresponding protection log
Site security is very important, we recommend that users friends, do a good job of security protection settings to ensure the safe operation of the website.
Website Security Dog "Disable browsing for Malformed Files" feature settings
Hackers can successfully execute code by constructing the suffix name of a malformed file such as x.asp;jpg, and then get the necessary information such as Web site configuration, which will seriously threaten the safety of the website.
How can we prevent this from happening? Web site Security dog's network Horse protection function can intercept the local malicious upload Trojan horse in order to ensure the server system security. The user can turn on the network Horse protection--"Disable browsing Malformed files" feature to intercept this type of attack.
Following is a screenshot of the corresponding security dog setup and attack test:
Figure 1 Opening the Disable browsing of malformed files
Figure 2 Safe Dog intercept screenshot
At the same time, users can be in the site Security Dog Protection log query to the corresponding protection details, screenshots are as follows:
Figure 3 Blocking the protection log accordingly
At this point, the site security dog-Net horse protection--"Prohibit browsing malformed files" function has been all set up, the site security is very important, do a good job of security protection settings.
Site security dog "Illegal URL blocking" feature settings
"Illegal URL interception" function point is one of the function points, below we specifically look at:
Figure 1 Net Horse Protection main interface
What is an illegal URL attack? It means that an attacker uses IE vulnerabilities to construct an illegal URL link. Hackers use URL holes to construct similar. asp.jpg such as String access, but in fact this string does not exist, if the hackers do so can be illegal access to information on the server installed software, and then through the vulnerability intrusion.
So how do we avoid this attack? Users only need to open the Web site Security Dog Horse Protection-"Illegal URL interception" function can intercept this kind of attack.
Let's take a look at how the "illegal URL blocking" feature is set up.
The corresponding security dog settings and attack test screenshots are as follows:
Figure 2 opening the illegal URL interception function
Figure 3 The interface for illegal URL blocking
At the same time, users can be in the site Security Dog Protection log query to the appropriate protection information, as shown below:
Figure 4 Illegal URL blocking protection log
Site security is very important, we recommend that users friends, do a good job of security protection settings to ensure the safe operation of the website.
To prevent requests outside of the Get,post feature settings
The HTTP protocol is used primarily for get and post requests to transmit data. If a hacker is familiar with the HTTP protocol, he can send the code to the site via a request other than get or post, such as a put protocol, which could compromise the site's data.
How to prevent such a situation from happening? Users can open the Web site Security Dog Horse Protection--"No get,post request" function to defend against similar attacks. The corresponding security dog settings and attack test screenshots are as follows:
Figure 1 Opening a request other than Get,post
You can use the HTTP protocol Debuger tool for "requests other than Get,post", where the method chosen is put and the tool settings are shown in the figure:
Figure 2 Setting screenshots
At the same time, users can also be in the site Security Dog Protection log query to the corresponding protection information, screenshots are as follows:
Figure 3 Intercepting the protection log
At this point, the site security dog-Net horse protection--"no get,post outside of the request" function has been set up, site security is very important, do a good job of security protection settings.
Once a hacker has deliberately browsed its constructed file code, it can easily obtain the necessary information such as Web site configuration by executing the set code, which can seriously threaten the security of the website.
So how do you defend yourself? Users can open the Web site Security Dog Horse Protection-"Browse defense"-"open browse file Active defense" function. When this feature is turned on, if a hacker is found to be in a corresponding type of attack, a safe dog will be intercepted. The corresponding security dog settings and attack test screenshots are as follows:
Figure 1 Opening the navigation defense function
Figure 2 Open Browse Defense intercept screenshot
At the same time, users in the Web site Security Dog Protection log can find the appropriate protection records:
Figure 3 Blocked protection log
Site security is important to remind friends to do a good job of security settings.
It is also important to upload defense settings. Hackers through the construction of the suffix name contained in the white list mechanism inside the suffix can be successfully uploaded to the server and then combined with the IIS parsing characteristics can successfully execute the code, and then obtain the necessary configuration information, which will seriously affect the security of the site, so also need to upload the necessary defense of the file. Security Dog users can open the Web site Security Dog Horse Protection of the upload defense function to intercept such attacks.
Figure 1 Opening the upload defense function
When we upload a specific extension of the ASPX file, due to the opening of this feature, the attack on this kind of attacks will be blocked by the Web site security dog caused by the failure of the upload file prompts, the corresponding security dog test screenshot is as follows:
At the same time, the user can be in the website Security Dog Protection log to query the relevant attack information, screenshot as follows:
Figure 3 Protection Log screenshot
NET horse protection--"hanging horse defense" function
Figure 1: Horse-mounted defense open
Turn on the net horse protection--"horse defense" function, when we upload a specific file will appear by the site of the security dog interception and caused the upload file failure prompts:
Figure 2 Screenshot of Intercept
At the same time, users can be in the site Security dog protection log, see the corresponding interception log, screenshot as follows:
Figure 3 Correspondence Protection log
NET horse protection function is a website security dog's important function, completes each function point the security setting, protects the website security
