Intermediary transaction http://www.aliyun.com/zixun/aggregation/6858.html ">seo diagnose Taobao guest cloud host technology Hall
The rise of E-commerce, so that many small and medium-sized enterprises have their own server. Internally used to establish a local area network, improve office efficiency, the establishment of foreign websites, more widely publicized enterprise products and image, to win more customers. But as the core product of the network, the server technology is relatively complex, especially in the network era of virus rampant, the security problem appears more prominent. Now to provide some practical work summed up the experience, hoping to share with you to ensure that the Web server security.
I. Enhance the overall security of the network
Many network management is often in the maintenance of cyber security is such a misunderstanding, that as long as the server to play a good patch, install a good wall, the operating system to upgrade regularly can sleep without worry. But in fact, many hackers and viruses do not directly attack the server, but by invading other computers as a springboard to attack the entire network. At present, many networks are managed by domain, and once hackers or viruses successfully invade a computer that has trust with the server, attacking the server from this computer will become very simple. So to run the security of the entire network to be considered from the fundamental.
The first is the safety management, from the management point of view, the use of rules and regulations, such as the text of the material norms, constraints on the computer network behavior, such as the ban on employees to download illegal procedures, to prohibit personnel outside the network administrator into the center room, perfect network administrator on duty system and so on
Second, security technology, from the technical point of view, using a variety of software and hardware, various techniques and methods to manage the entire computer network, anti-virus software and firewalls to secure the network.
These two indispensable, just think if only the support of security technology in the rules and regulations do not carry out any restrictions, even if just start to do very well in safety, but the employees at random download illegal software, casually turn off the protection of anti-virus software, the entire network security is not a fake. and only strict regulations without technology as the support of the virus and hackers can easily invade through the network vulnerabilities. Therefore, security management and security technology are complementary to each other, network administrator for these two aspects to grasp, the strength to be hard.
Second, strengthen the server local file format security level
At present, the server is windows2000 above version, so at the level of security to enhance the need to take advantage of the user privileges provided by Windows2000server, according to the characteristics of each user individually for its access to the server's special permissions to use, This avoids the security risks associated with the use of Uniform Access server permissions.
To ensure the security of your server, you first need to make a fuss about the local file format, which converts the FAT format to an NTFS file format with a higher safety factor. After all, for hackers, data stored in fat-formatted partitions is easier to access than data stored in NTFS-formatted disk partitions, and all security software and encryption software are currently in the NTFS format, and the fat format is poorly protected.
It is also best to use specialized network detection software for 7x24 uninterrupted monitoring of the entire network, with particular attention to both "illegal intrusion" and "Server Operation" reports.
Third, regular backup data
Data protection is a very important issue, perhaps the server's system does not crash but the data stored in the lost, this situation will cause a greater loss, especially for the database server may be stored in a few years of precious data. How to protect data effectively? Backup is the only option.
In the past, the backup of data was taken to establish a backup folder in another area on the server or even to establish a backup area. However, the backup method has a very big disadvantage, that is, once the server's hard drive problems all partition data will be lost, so that the backup is not guaranteed. According to the theory of "don't put all your eggs in one basket" we should use separate specialized equipment to keep these valuable data.
Use B server to save the data of a server, while using a server to save File B server, this method of cross backup is very popular for some time. There is also an effective way to use tapes to preserve valuable data, but such investments will be relatively large.
But data backups also have huge security vulnerabilities, since backup data is also likely to be stolen, the backup media should be password-protected during backup and encrypted with encryption software when necessary, so that data leaks will not occur even if the data is stolen.