Intermediary trading http://www.aliyun.com/zixun/aggregation/6858.html"> SEO diagnostic Taobao customer hosting technology hall
A few days ago the company website is responsible for the operation of a sub-site is hacked, took a week to restore some of the site's basic data! Here to talk about how to quickly and easily be restored by the black website to prevent hacking The spread of the virus page, affecting the browser's computer security.
1. The most direct way: close the site
The significance of this treatment is: control the source of the virus to prevent proliferation. Specific measures according to their own situation include: the server configuration for the 503 state; contact network service providers to understand the situation; temporarily change the user and its password.
2. Minimize the way: source and loss assessment
According to the analysis of the black situation, the site does not include: unknowns, anomalies, anomalies, directories, code, etc., to quickly find hacked pages or code, the initial deletion, scanning, to prevent further proliferation. After the whole station full scan processing, combined with view antiphishing.org processing recommendations, secondary clearance
The most comprehensive way: log analysis, patch repair, Trojan detection
Check server logs to see when files are black (remember, hackers can change logs) to find out if any suspicious activity, such as failed login attempts, history (especially commands issued as root), history, or unknown User account.
According to the server log analysis, identify weak or hacked vulnerabilities. Have had such a dark experience, usually should develop a timely patch to fix security vulnerabilities, if necessary, recommend updating directly to the latest version.
According to the Trojan update time is generally the most recent date, and then check the date recently created asp, aspx, asa file, the exception file is isolated or deleted. Of course, the more direct way is to use Trojan query tool, this is faster, but at the same time will delete the necessary security documents, it must pay attention to the screening.
4. The most thorough way: Enable data backup
Relative data backup occurs before the site was black, is relatively safe, but also restore the site operation of the quickest way, of course, according to their own data backup are generally: network service providers virtual host data backup, the company's internal website department Data backup, outsourcing professional data backup company. Look at the nature of the company Select the data backup fly way, the purpose is the fastest way to restore the site's operations.
Have had the experience of being black, it is necessary to have the sense of anti-black, develop a cycle of testing server logs, server operation and other basic maintenance site security operations, to a certain extent, timely detection and handling of Trojans, reflecting the operation of a website.
The above points are only preliminary and not exhaustive.
(Article Source Branch easy to network: http: //tec.k8008.com/ reprint, please specify.)