Web site security and anti-hacker attacks need to pay attention to what issues?

Source: Internet
Author: User

Intermediary transaction http://www.aliyun.com/zixun/aggregation/6858.html ">seo diagnose Taobao guest cloud host technology Hall

How to judge the website to be poisoned or the hacker hangs on the Trojan horse?

1, the website opens the speed to judge: If the website opens the speed to be obvious than before the speed is slow, has ruled out own network reason, then may be the website poisoning;

2, view the source code: found that the Web site code most of the page or the end of the page has been embedded such as <script> or <iframe> such characters, the description was hanged on the Trojan;

3, through the FTP or landing server to view the changes in the file time: Generally speaking, if the hacker changes the website file, then changes the file change time will follow the change, if some files modification time is obviously later than other documents, and we have not changed, then the document has been modified by the hacker, may have been poisoned or hung on the Trojan, view the source file can be known.

If the site is hung Trojan or poisoning how to deal with it?

First of all to understand the Web site is linked to the principle of Trojan, in general, because the site itself using the program is from the network free program, where the code and vulnerabilities are well-known for some hackers, attack up easy, especially some ASP programs. So web site construction as little as possible with the free program on the network to build; Hackers will upload a hacker Trojan to the site after the loophole, this Trojan has to delete the entire site, modify all the functions of the code, but most hackers will be in the source site code to add some of their Trojan and virus files, Then the people who visited poisoned their chickens, or hung up on their customers ' hidden chains, or achieved some unknown purpose.

After the site was attacked, first back up all the Web site files, to prevent hackers delete the site, and then find the hacker modified files, one by one, and finally found the hacker's attack point, through the loophole, but to find the hacker's attack point need a bit of skill, by viewing the site of a period of access log can find clues, This time period is the time when one of your files was tampered with by a hacker.

How should the website guard against attack?

1, try not to use the Internet Free web site procedures, because a vulnerability exposure, the site is very dangerous.

2, the program to write attention to the filtering of illegal characters, especially the last file and to the server to write files to pay attention to, as far as possible to choose PHP and other non-ASP programming language to write, because most hackers on the ASP's vulnerabilities and attacks by heart, can reduce the probability and risk of the Web site

3, the server's security settings level high, such as the server has more than one site, to the individual Web site permissions limited to a folder, otherwise hackers attack a website, the entire server will be infected.

Reprint or false original hope to be able to indicate the source: www.kmwzjs.com

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.