How to guarantee network security in website

51CTO Recommendation: Website common attack and defense website How to protect network security, so here to you how to protect the network security problems and specific measures, then how to protect the network security? To start with the details, step by step, let's look at some details on how to secure the network. First, how to ensure the security of network security Hidden Trouble Analysis: 1, the server uses the private operating system and the database, the so-called private, is not completely own writes, but said, all is carries on the privatization transformation, generally uses the open source operating system and the database to carry on the transformation, for example operating system use free BSD's change, Database use MySQL change, Web server number hundred when the site started to implement this project more, the cost is a very important reason, but more important is the security factor. Firewalls are not only expensive, they can also be very inefficient, so they are generally not considered. 2, the transformation of the operating system, in addition to the communication needs of some of the command files to keep the original name, many command files even the filename is replaced (some people think this is a small pattern, hehe), a large number of functions have been rewritten, hackers even get the right to sit in front of the server, 3, the website Chief security officer thinks that puts a door to let the others to blow, instead of giving people two paths to choose between right and wrong, anyone who tries the system with an error account and password will be allowed to log into a shell anonymously, which is like the real system, well, just like, But it is actually an empty shell, all the instructions, will be run at a minimum cost, call false information interface out. Some even put a trap, deceptive guidance hackers automatically send identity data or other sensitive information, after all, hackers may come through the overseas springboard, if not the hacker initiative to send, the site is difficult to obtain hacker identity data. 4, the use of their own security strategy, the existing means of attack have corresponding protection measures. For example, for SYN Flood, this is to temporarily reduce the service quality, reduce the half connection wait time, so the success rate of the connection will be reduced, but will not cause the service to be stopped. 5, the network idle time often has the deceptive data flow between the office network and the server flow, uses the intensity not high encryption way to encrypt, lets the hacker have to do something. 6, the website internal staff use the business system to log in to the website server, the interface and the general server, all general commands can be implemented through the business system to the private operating systems of the special command to be executed, the site inside staff also only very few know the conversion of control, and generally all through decentralization, Do the operating system development, not responsible for the maintenance of the server, and do not know the installation of an internal version of the operating system server is deployed to where. Second, how to guarantee the network security method Introduction: 1, the account number and the password must pass through the safe message platform. 2, have their own deployment in different cities DNS server, all deployed out of the application are not in the sameA computer room standby system, emergency mechanism set up in its own DNS server, the use of servers carrying other services to do cross security status monitoring, such as A1 server is a server standby system, using CDEFGH and other servers to do a server security status monitoring, timing communication, and to the A1 server to communicate the success of the signal, when the failure rate of more than a certain value, A1 automatically share a part of the pressure, A1 server on the original commitment of the service (not customer-oriented, such as Indexing Service) was lowered priority. Monitoring is so mutual between all servers, ensuring that monitoring is timely and effective through a mechanism. In such cases, even if a DNS service provider is attacked, its own site can be accessed by most users, because DNS in different regions has not been brushed, users can still use those DNS to connect to the site. Generally speaking, the use of these means, the security of the site can not be said foolproof, but also greatly improved. For the website How to protect the network security problem in fact a system work, need to do every detail of security measures, then the above mentioned aim to you, hoping to find suitable for their own network security methods. "Editorial Recommendations" graphic detailed web site SQL injection attack to solve the whole process of inventory users easy to ignore network security error Operation hacker attack and Defense: Web site Backdoor Attack method Large summary How to secure the site through SSL certificate security Site identification method to force (0 votes) (0 Votes) nonsense (0 Votes) Professional (0 Votes) title Party (0 votes) Passing (0 Votes) Original: Analysis of how the Web site to ensure network security return to the network security home