What if the website is attacked? 3 Ways to resolve Web site attacks

Source: Internet
Author: User

With the development of Internet, more and more people begin to realize the superiority of network propaganda. Large and small sites abound. However, with the increase in the number of sites, the problem has increased greatly. Competition between peers is also reflected in the network. Some criminals also gradually shifted their positions to the network for profit. Peers often hire hackers to suppress opponents attacking each other's website, and even some people deliberately attack someone else's website for protection fees. Attack you without giving money, and make your website paralyzed. For these kinds of things, the main site is often to seek help without a door anxious, forced to compromise.

Webmaster in the station to do the project should encounter similar problems, although we diligently to do their own station, but suddenly one day will find our site suddenly was black, this time as long as we open their site when the picture in front of us will often let us collapse unceasingly, At this time, the hearts of the webmaster is definitely hate tooth itch, but there is no way we do not provoke others, others do not necessarily do not provoke us, although the heart is very uncomfortable, but the problem also needs to be solved.

  Site attacks are generally divided into 3 categories, namely ARP spoofing attacks, CC attacks, DDoS traffic attacks.

  First, say ARP spoofing attack

If an ARP spoofing attack is to be initiated, the first thing to do is to control the Web site for the same computer room, the same IP segment, and the same VLAN, using the intrusion server method. After taking control, use the program to disguise the controlled machine for the gateway to spoof the target server. Such attacks typically sneak into the Web page or intercept some user names and passwords. It is easier to deal with this kind of attack, directly inform the computer room to handle the corresponding controlled machine.

  Second, CC attacks

Relatively speaking, this attack is more harmful. The host space has one parameter for IIS connections, and the Web site has a service unavailable when the visited web site exceeds the number of IIS connections. An attacker would be to use a controlled machine to continually send access requests to the attacked website, forcing IIS connections to exceed the limit, and when CPU resources or bandwidth resources are exhausted, the site is destroyed. For hundreds of trillion of attacks, the firewall is quite laborious, and sometimes even caused the firewall to run out of CPU resources, resulting in a firewall panic. More than hundred trillion, operators will generally be in the upper route to seal the attack IP.

For CC attacks, the general lease has anti-CC attack software space, VPS or server can be, or rent octopus host, this machine for CC attacks better defense.

 Third, traffic attack

is a DDoS attack, which is the most harmful of these attacks. The principle is to send a large number of packets to the target server, occupying its bandwidth. For traffic attacks, simply adding a firewall is useless and must have enough bandwidth and firewalls to work together to protect against it. If you want to defend against a 10G traffic attack, you must use approximately 20G of hardware firewall plus nearly 20G of bandwidth resources. If the cost of a hard-to-prevent machine is quite high, the 10G hard defense will be tens of thousands of yuan one months. However, if you use cluster protection (Octopus host), then the cost will be much lower.

 The website has been attacked, how should we solve it?

  First look at the server for the Web site

When we find that the site is attacked not excessive panic, first look at the Web server is not hacked, find out the black chain of the site, and then do the site's security defense, the specific operation is divided into three steps

1, turn on the IP-forbidden Ping, can prevent being scanned.

2. Close the ports that you do not need.

3. Open the firewall of the website.

These are only anti-simple attacks, if you feel too troublesome that can search (red Shield free against attack), when attacked, look for the above technician, there is free to help you fight the attack service.

  Why the website is hacked

Website Hanging Horse is the most headache of each stationmaster problem, the individual thinks the website is black The reason generally divides into two kinds of

First, the security of the server space quotient has been implicated in two, = species is the security of the website program itself security loopholes were hacked to be hanged. If you have the conditions, you can find a professional to do a safe visit. Company words can go to sine security See listen to friends say good. In general, there is a vulnerability in the Web site program or the server has been vulnerable to attack.

 Workaround:

1. In the program it is easy to find the code of the horse, directly delete, or you do not pass the server's source program coverage once but repeatedly hung to be in depth to solve the problem. But this is not the best solution. The best way is to find a professional programmer to solve is the most direct.

Clear Horse + fix vulnerability = completely solve the so-called hanging horse, is heike through various means, including SQL injection, Web site sensitive file scanning, server vulnerability, website program 0day, and other methods to obtain the webmaster account, and then log back to the site, through the database backup/restore or upload a vulnerability to get a webshell. Use the obtained Webshell to modify the content of the Site page and add a malicious steering code to the page. You can also directly through the weak password to obtain the server or Web site FTP, and then directly to the site page directly modified. When you visit a page that has been added to malicious code, you will automatically be directed to the address being turned to or download the Trojan virus.

The above is about the "site was attacked how to do" the whole content, may not write very well, if you have any more profound understanding can tell the script of the home of small, thank you for reading.

What if the website is attacked? 3 Ways to resolve Web site attacks

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.