Homepage was changed the website security management blocked the unknown guest

Intermediary transaction http://www.aliyun.com/zixun/aggregation/6858.html ">seo diagnose Taobao guest cloud host technology Hall

Believe that there are a lot of webmasters who are engaged in site SEO work, as a webmaster, the usual time allocation of the site, most of them are

1. Quality article 2. Pseudo original 3. Outside the chain construction of the site's security may be, every day to see the log habit may be less, I once a real experience, a few days ago my new site

Because my articles are foreign translators borrow Google browser, relatively false original better, user experience is also good, Baidu can also be included in the new station, my site is still to be sure, of course, I also put a lot of energy and sweat, hundred to constantly update my Site may be due to Baidu often come, Was noticed, the day before yesterday noon changed my homepage. Added some links and noted that I could not delete, once deleted, he would book me more, will also come, as a webmaster, delete or do not delete, delete must be deleted, and delete the most consequences to the site or to the security of a full range of inspection, to find unknown customers, source methods, and changes to the site which pages How to plug the leak.

And this information can only be queried from the log of the website, I found his login mode is the background of my website, with FTP, analysis background password and coon.asp database FTP account

Question: 1. Site background Default Admin admin not deleted (This is super username)

Question: 2. FTP Account and password registration is the default site domain password is also (security is very low)

Questions: 3. The site's write permission, the site has injected leakage, with the upload file name is not strict (web site can upload gif jpg cannot upload ASP but can upload asa file)

Solution: After the initial detection of my site I do not feel that the customer, is not a professional expert, most likely through the scanning of the software swept to the meat machine.

Program Step One: I use the website whole station to download the website all HTML

Plan Step Two: conn.asp renamed, the name of the database into txt text, in conn.asp (after renaming file resolution) database name Delete Super username (account password plus special symbol @@@,. ')

Program step three: Turn off FTP upload permission step four: Change FTP account (account password plus special symbol @@@,. ')

Summary: After the preliminary analysis of the website, I have made several improvements to the safety of the website according to my own level, after the security of my site has a great promotion (note the site backstage I placed in another space, and the domain name redirection, the site was changed to use the site of the whole station to download the site in the new background of the space website all HTML) The above is my first website was changed, I to the site security management of a revolution, after one weeks of observation, found that the guests did not come, but also hope that this method can be blocked by unknown guests, the above point of view, I have personally hands-on, but also referred to a website security information, hope to webmaster on the site's security help.

This content originates from http://www.bcw5555.com/aq.html