Site Security dog Since its launch last year, by the vast number of users welcome friends. From the beginning to the present, the site security dog upgrade frequently, enrich and improve the functions, and constantly upgrade to meet the needs of users of security protection. This time, after more than six months of careful construction, September 26, the Safe Dog Internet Security Laboratory launched a new version of the security Dog v2.4 official version, this version of the new architecture, perfect design, all-round aspects of the safety of the site to enhance the safety of the dog's security effectiveness and user experience.
Website Security Dog is a set of Web site content security protection, website resource Protection and Web site traffic protection function as one of the server tools. With anti-SQL injection attacks, anti-theft chain, anti-CC attacks, web site traffic real-time monitoring, web site CPU monitoring, horse/trojan scan, IP black and white list management functions. Website Security Dog v2.4 Edition not only evaluates and summarizes user feedback, the original functions are improved, such as the introduction of CC protection session mechanism (to prevent false interception), the optimization of the IIS Semicolon Vulnerability Protection algorithm and SQL injection protection algorithm (to avoid being bypassed), but also according to user needs of new network horse Active defense, Combined with the Cloud Security Center added a Web page tamper-proof functions, to meet the security needs of many users, for the vast number of users to provide high-performance comprehensive security protection experience.
To better scan the net horse, Trojan, protect the website security, the website Security Dog v2.4 Edition has added the net horse, hangs the horse active defense function, including prohibits the specific file to upload, the IIS directory flaw, the short file name Vulnerability protection. Provide three kinds of defense methods, "Browse defense", if the visit is the network horse files, will be directly intercepted; Upload defense ", the administrator can set a ban on the upload of specific types of files, such as the addition of ASA format, then upload, this type of file can not upload success;" Horse defense "is mainly used to detect upload data, detect URLs, detect cookies." These three kinds of defensive ways of flexible combination, to help users better prevent the network horse, Trojan upload.
Previous user feedback browsing site is often intercepted, encounter "from the Security Dog Internet Security Laboratory--Website Security dog software friendly reminder" of the prompt page, in the v2.4 version, in order to solve this problem, so that users have a better experience, CC protection function introduced session mechanism, so that interception more humane. The session mechanism is divided into two modes: one is transparent session verification mode, which is mainly verified by the system without user manual setting, and the second is the click-by-session authentication mode, which is opposite to transparent session authentication, which requires user's setting. When the number of clicks by the user exceeds the number of visits made by the manager, a page is ejected to remind you whether to continue the visit. At the same time, when choosing a good session mode, you can also choose your own satisfactory verification mode: the first is to trigger the access rule verification, which is related to the number of visits per second set by the manager, when more than the set times, will be reminded; second, the first visit on the session verification, as implies is aimed at the first visit of all. If the number of accesses is exceeded, the IP subsequent access is 30 minutes (this parameter user can adjust flexibly) inaccessible.
Web tampering is a network of attacks commonly used by attackers, a serious threat to the security of the site, in order to increase the security of the dog's security defense capabilities, but also to meet the needs of users, in the v2.4 version of the new page tamper-proof features, users can combine the security Dog Cloud Security Center to use this Security Dog's Web page tamper-proof technology is the combination of Web container embedding technology, driver technology and cloud computing technology, providing a Web tamper-proof service based on SaaS mode.
Website Security Dog v2.4 Edition, updated, optimized a number of functions, in addition to the above, but also optimized IIS semicolon Vulnerability protection algorithm and SQL injection protection algorithm; SQL injection of new whitening list, XSS protection rules, domain name selection dialog box new Lookup function, anti-theft chain trusted domain name increase to *. top domain name support, strengthen anti-theft chain session protection function; Optimize the log interface and CPU monitoring interface memory management, and consume less memory; Optimize plug-in architecture, Improve operational efficiency, etc., to provide users with a full range of security protection capabilities.
Today, a variety of network security accidents frequent, web site security is seriously threatened, the security dog Interconnection complete Laboratory as a senior server security experts, will continue to improve the new performance, to meet the current changing network security environment, for the user security protection needs to provide strong support!