Website Black and anti-black tips

Intermediary transaction SEO diagnosis Taobao guest Cloud host technology Hall

When browsing the day before yesterday, antivirus software hints found Trojan, explained that the Internet encounter hacker invasion, and put to the Trojan. Today's hackers are impossible, hacker attack software is a lot of, I hope that China's hackers, should also unite, do not attack our people's useful website, to come up with the ability to maintain the security of China's network information, justice, to insult our Chinese behavior, give warning, rather than often take a knife to our own compatriots axe, Let outsiders ridicule. About the site is black, the impact on everyone, traffic, direct impact on the site users visit, and sometimes will let the visitors poisoned, search, impact data capture, included, serious people by the search engine down the right, so do a good job site security is very important, The following seoer, such as hackers commonly used attack techniques and anti-black some of the countermeasures, hope that the majority of webmaster useful:

Prevent database Download vulnerabilities

Give the database an irregular, unconventional name, such as Ghhj@#$%.mdb, and place it in a few layers (such as./seo/seodir/seodate/). Do not write database names in your program. If the phrase Dbpath=server.mappath ("Seo/seodir/seodate/ghhj@#$%.mdb") in the conn.asp exposes the name address of the database, Once the hacker gets conn.asp, the website database will be full of information.

Second, the Backstage management procedure

Do not put the background management page in the location of the external page, which will cause the desire of hackers, hackers can not platter to the site background management attacks. Administrator username and password should not be too simple, the best pinyin plus the number of symbols, password in more than 10. Background to do a good job testing procedures to prevent the ' or ' = ' or ' Bauku intrusion site backstage. If the site is still unable to prevent hackers to invade the background, only one method, the background directory directly deleted, maintenance and then upload the background by FTP program, and then use, hackers will not pay attention to your site every day ~ ~

Third, no upload and forum procedures

Do not have any upload program and forum upload program. Do not install ASP upload Program, if the Forum support file upload, you want to set up in the program upload file format, to authenticate to use, format only image and compressed files to upload. (A few days ago, one of my industry site is because of the upload program to the forum, hackers use, the successful right to invade, so that you do not have to remind people to upload the function.) )

Injection attack is a common attack method used by hackers. L injection attacks are usually implemented by submitting bad data or query statements to the site database, which is likely to expose, change, or delete records in the database. You can Baidu search keywords: "SQL Universal Anti-injection system 3.1β version" to find to prevent injection of attack procedures, download installed, from injection attacks of harassment.

Author: seoer Xi yuan site: http://www.noseo.org.cn/

All rights reserved. Reprint must be linked to the form of the author and the original site and this statement.