Windows Server Security Maintenance note eight points

The maintenance project is only for servers on the Windows operating system platform. The above services are related to the installation of software, copyright issues by the customer to resolve themselves. Modify and write only the part of the code that is involved in the code of the Customer website, and do not modify and write other parts of the code of the Customer website.

Windows Server Security Maintenance note eight points

1, check the code of the website, check whether the hacker placed the Web Trojan and ASP trojan, website code whether there are backdoor procedures.

2, the site code security checks to check whether there are SQL injection vulnerabilities, upload file vulnerabilities and other common harm to the site security vulnerabilities.

3, the server operating system log analysis, check whether the system was invaded, to see whether the Trojan installed by hackers and what changes to the system.

4, the server operating system to play the latest patches, reasonable configuration and installation of commonly used applications (such as firewalls, anti-virus software, databases, etc.), and the server's software to update the security, stability, compatibility of a good version.

5, reasonable configuration and optimization of the server operating system, cancellation of unnecessary system components, stop unnecessary dangerous services, disable the dangerous port, by running the smallest service to achieve maximum security.

6, to the Common application service port and the prompt information, carries on the concealment and the forgery, prevents the hacker to use the scanning tool to obtain the server information.

7, reasonable configuration permissions, each site is configured with a separate Internet Guest account, restrict access to Internet Guest account, only allow it to read and execute the program required to run the site, only the site Directory of party A has read and write permissions, prohibit access to other directories, and limit its execution of dangerous commands, so that even if the hacker has the means to upload the Trojan horse program to the directory of the site, also can not be implemented, and will not cause harm to the system.

8, reduce the SQL database, Serv-u FTP and other application software services to run permissions, delete the MSSQL database unnecessary, dangerous stored procedures, to prevent hackers exploit vulnerabilities to further intrusion and elevation of authority, and through effective settings to prevent unknown overflow attacks.