Web site SEO security can not be ignored

Intermediary transaction http://www.aliyun.com/zixun/aggregation/6858.html ">seo diagnose Taobao guest cloud host technology Hall

Recently the internet has a lot of security problems, many sites will be hung horse, is black, for our SEO workers, but also warned us that the safety of Web site SEO can not be ignored, we must pay attention to it, can not let their own SEO optimization results put in the East stream!

As far as I know, on the morning of September 2, Taobao station was hacked, there has been a shocking "1 Yuan packet mail Incident", all the use of Taobao third-party tools software "Buy treasure" are implicated, the accident is in urgent treatment. There is also a number of Dangdang last month "Price gate" incident, of which "1 Yuan Andy Shoes" event Dangdang system error for the refusal to cash. This has been a heavy blow to our SEO workers and network maintainers. More recently, the Seowhy forum also appears to have been attacked. Many bloggers have also been attacked by hackers, for example, September 1 28 push Forum, under attack, 28 push out the announcement, the statement hit Golden eggs and large turntable because the plug-in loophole has stopped using the plug-in, fortunately, 28 push is just a learning station, and no commercial value, if not, it will also face significant losses.

Hackers, every webmaster are familiar with the noun, we know that if a website is attacked by hackers, the webmaster in Search engine optimization on the efforts, will be in vain, each site is a loophole, as long as hackers seize your site system loopholes, if he intends to attack, the site will face unprecedented disaster. For SEO, the hacker's method is the SEO black hat behavior, for a white hat to optimize the station, how to prevent hacker attacks is a lot of people in the efforts to solve the problem of the Web site by hackers will lead to what results.

Below to get to the point, introduce the current hacker more commonly used attack means and response measures, online on this problem prevention methods have a lot of.

One, the website loophole will let the hacker insert various Trojan website content completely to be tampered with, how to deal with this kind of server invasion

Now many webmasters in order to quickly let their website to promote success, many people use other sites on the loopholes, through the means of hackers to talk about their own site outside the chain to hang onto someone else's site, so as to improve their weight of the site, and some also through the implantation of Trojans to steal someone else's account, and even pop-up ads dialog box, This makes other people's websites suffer heavy losses. When your site is in a safe situation, your site content is completely becoming someone else's fish, and a lot of hackers like to show off, that is, the content of your site changed beyond recognition, data has been ruthlessly tampered with, if it is an E-commerce site may also cause the transaction of disputes, If the data on the site is not backed up, then your site will suffer a lot of damage, basically one night back to before liberation!

The general intrusion server is nothing more than to exploit a loophole, of course, this vulnerability may be the site, there may be a server, it may be serv ... In short, you open one more service on the possibility of an invasion, so there are a lot of measures that need to be done, I simply give you enumerate:

1. Shut down the system unnecessary service

2. Set the security policy of the system

3. Redistribution of user rights for partitions and directories (important)

4. Separate website access user and FTP access user rights

5. Install antivirus software and ARP firewall

6. Make the system patch in time

Ii. How to effectively resist DDoS

The basic concept of DOS is that tens of thousands of or even more ordinary computers at the same time to send data to attack the target, because the target bandwidth is limited, in the case of the failure to deal with bandwidth congestion, so that the entire line or server paralysis.

Workaround:

This depends on your choice of IDC company, a good company equipped with hardware firewall, can provide you with effective protection against DDoS attacks, of course, in addition to hardware firewalls there are other technologies can completely avoid such attacks, more feasible is to spend more money to obtain CDN website Acceleration Services, So in the national node has your site content, is to DDoS your station is also more difficult, it is impossible to the whole of China's broadband are blocked, in general, whether they built the site or through a number of building systems, such as Dream Empire, DZ and so on, there will be loopholes in the problem, So we can not solve all the loopholes in a website, then we will be able to backup the database in a timely manner to solve the site after the black recovery work, the loss to the lowest degree!

Iii. how to effectively prevent Web site content from being tampered with completely

SEO optimization of a large part of the work is to do a good job of the content of the site, but when your site security problems, your site content is completely become someone else's fish, and a lot of hackers like to show off, that is, the content of your site changed beyond recognition, data has been ruthlessly tampered with, If it is an E-commerce site may also cause the sale of disputes, if the data on the site is not backed up, then your site will suffer a great deal of damage, basically overnight back to the liberation of the.

Four, how to prevent FTP password vulnerabilities to invade the site

Many people through the FTP password vulnerabilities to invade the site, so like these FTP password must be set up very standard, to have the case, but also to have letters and numbers of the combination, so even through brute force, it will take several years! So the password set must be scientific!

Five, SQL injection, should be how to completely prevent, what should be noted?

1. The use of domestic relatively perfect CMS system, as little as possible with those developed by the individual features relatively simple web site procedures.

2. As much as possible to simplify the site does not use the site function or simply delete some of the unused plate files, such as easy comment function.

3. Use fewer Third-party plug-ins.

4. Timely attention to the official website patches patched.

5. All you have to do is to make the page into HTML form, and the page dynamically call the database label removed, can completely disconnect the website database and site, so that the invasion of the interests of the intruders can not use the form of intrusion site invasion.

6. Use of some third-party injection tools, but I am writing procedures, because the more mature system, its own ability to prevent injection is also improved, and this kind of free third-party tools do not fully protect your site, the proposal or more from the site itself.

Through the above introduction, we know to do site SEO optimization, to pay attention to these security issues, regardless of your site's search engine optimization do a good job, but if you ignore the site's security problems, then all your efforts to reduce waste. As long as the site is safe, do SEO optimization can be handy, with less effort! You SEO staff site SEO security is absolutely not to be overlooked.

This article cited 90 boys sharing net, the original address is: http://boys90.com/post/2011090372.html