Last update at :2023-12-12,Edit by888u
For novice webmasters, they often come into contact with server rental or virtual hosting. However, for webmasters who have just come into contact with this industry, everything is relatively unfamiliar. They may still be in an excited mood and find that everything is unknown. It’s very new, but I don’t have a certain sense of safety yet. Today, I will share with you some tips on how to effectively prevent your website from being hacked.
First, webmaster friends who have independent servers should install anti-virus software on the server, such as nod32, update the software virus database in a timely manner, and enable active file detection. This is a server anti-virus software that the editor thinks is acceptable and is recommended. . Of course, if you have time, it would be best to install an ARP firewall. Sometimes there will be LAN ARP attacks, which will cause all servers to be hung up.
Second, do not browse the website in the server. For example, if you need to download a core source program to build a website, it is recommended that you open FTP and use FTP to upload and modify website files. Try to install as few asp upload components in the server. Of course, if If it is necessary to install it, you also need to look at how to implement the security strategy for this component.
Third, the general website has an attachment directory. The file is uploaded through the front or backend. The directory where the file is located. Friends who have servers suggest that the attachment directory does not support asp or php running. This can greatly avoid the website being hacked. .
Fourth, whether it is asp+access (mssql) or php+mysql program, webmaster friends should always back up the database of the website. It is recommended to back up the database once a week. If you want to back up the access database, just download it directly. . For mysql database, generally such a program has a mysql backup function in the background. If not, download a WEB version of MYSQL backup tool to back up all data tables, or use phpmyadmin provided by the space provider, log in and export ".sql" File backup.
Fifth, go to FTP frequently to check whether there are unknown files in each directory. Pay attention to the change date behind the file. Pay attention to files that are close to the current time. Download them and carefully check whether they have been hung. If so, , remove the horse-hanging code. However, it does not feel relatively safe if you only remove the tampering code, because some of them also have tampering in the form of pictures, which makes it difficult to check. It is recommended to download the entire website through FTP and view all files. If the picture is tampering, if you open This picture will not be displayed, which means that there is an 80% chance that the picture is corrupted, so delete it.
Sixth, for websites that download asp+access source code templates, you need to pay attention to the backend path, backend account password, database path, and backend path of the website. These all need to be changed, such as the "/admin" backend path. This is absolutely Needs to be changed. The background administrator account password needs to be complicated, with special alphanumeric characters. For the name of the database file, it is recommended to change ".mdb" to ".asp" so that it will not be downloaded by hackers. This cannot be ignored. For asp+mssql type websites, the account and password of the mssql database also need to be complicated.
Recommended site searches: icp registration website, Ministry of Industry and Information Technology domain name registration query, Chinese domain name fees, proxy IP, space registration, Zhenjiang high-defense server, Sichuan virtual host, free cloud host, mobile IP proxy, virtual host Hong Kong host,
p>
发表评论