Liu: Talking about the website security of personal Webmaster

Intermediary transaction http://www.aliyun.com/zixun/aggregation/6858.html ">seo diagnose Taobao guest cloud host technology Hall

The so-called webmaster, of course, is to have a station, but there is a station may not be safe, how to say? We need to know, what is not absolute, no matter how powerful the site is not absolute security, including Liu Yi blog. Talking about the site, we first to talk about the Web site procedures, commonly used Web site procedures asp,php, not commonly used Web site procedures aspx,jsp, and so on, relative to the Web site procedures, security rating: Asp,php,aspx,jsp, in China personally think so far, Half sites are used to build the asp+access, the server using IIS, the site's security is very difficult to protect, especially before the network is not very developed, many many stations have loopholes, PHP is relatively good, as for the ASPX is not commonly used to say, About JSP is commonly common is the bank's website system, security is guaranteed, but the speed is not very good, in our personal webmaster friends, mainly ASP and PHP, the two procedures, security measures to prevent and deal with a lot of people do not in place, resulting in the site is black, or even black chain hanging.

On the site of the prevention of Black and hanging black chain of some practices, I talk about my personal experience:

1: The website completes the backup, generally speaking, my personal blog almost every day has the backup, as the saying goes good, is not afraid of 10,000, is afraid in case.

2: If the adoption of asp+access procedures, as far as possible to change the database name of the complex, the password to make it more difficult, now MD5 cracked very powerful.

3: The site timely patch, general procedures appear 0day (can be understood as a procedure to kill loopholes), the official will soon appear patches.

4: The site does not have the necessary function to shut off, like a new cloud before a question and answer system killed a lot of stations.

5: If the site is static, you can turn off script execution permissions directly.

6: Background address to change the trouble point, if not often into the background, you can download directly to the local, and then deleted on the server, and then upload.

7:ftp account password to complicate points, to prevent cracking.

For personal webmaster, the site Once there is a problem, the consequences are very embarrassing, less people to leave you a back door, many of the site program to you deleted, so that we must do a good job site safety prevention, 8630.html "> Sometimes even say your website no problem, But sites on the same server may have vulnerabilities, lead to make a side note to black your station, like a while ago I have been a lot of bidding station order system has problems, wrote a chapter [life is so monotonous, lack of fashion], found that the order system has problems, can directly take the shell, was just testing, Play also found that the server unexpectedly in million nets, even the space can be so, not to mention other space business?

In fact, for others black you don't need to be so afraid, as long as a good backup, whatever he how black, he can do? Just I speak, what things are not absolute, I hope that every webmaster must have their own responsibility to do stationmaster, as a webmaster, even their own site security can not take care of, talk about what webmaster, It may not feel good to be black at the station, but what if you are a big station or a very important site? may be someone else to remove the program a few hours to lose hundreds of pieces, for some of the above operation a few 10 minutes on the finish, although said a bit of trouble, but always better than be black later, I hope we can do a good job as a webmaster responsibility.

Welcome reprint, Original article reproduced please specify Liu Yi Chuang Blog, this article address: http://www.liuerchuang.com/post/18.html