MENU service case
Website construction website design Beijing website construction high-end website production company Shangpin China
We create by embracing change
360 ° brand value__
simplified Chinese character
Simplified Chinese English

Shangpin China Joins Hands with Beisheng Internet to Create a New Chapter in Website Construction

Type: Shangpin Dynamic Learn more

How to make effective strategies when an enterprise website is attacked?

Source: Shangpin China | Type: website encyclopedia | Time: July 26, 2019

You should know how your website is attacked in advance. The following four types of attacks are conventional:

1. Traffic attack: we often refer to DDOS and DOS attacks. This attack belongs to the bandwidth attack of the most common traffic attack. Generally, a large number of data packets are used to flood one or more routers, servers and firewalls, making your website paralyzed and unable to open normally. However, the cost of such attacks will be very high, so don't panic when encountering such attacks. In addition, you can try the defense system, so that the attacks will not mainly target your website.

2. CC attack: It is also a kind of traffic attack. CC is to simulate multiple users (the number of threads is the number of users) to constantly access pages that require a lot of data operations (that is, a lot of CPU time), resulting in a waste of server resources. The CPU stays at 100% for a long time, and there are always endless connections until network congestion, Normal access was aborted. CC attacks are basically attacks against ports. These two attacks are basically attacks against hard traffic. Let's talk about some attacks against database security.

   3. Data destroying attacks: In fact, what is said here is not a hard attack. This is to get the management authority of the website to modify the content of the page. This kind of intrusion is fatal to the website. Not only will the search engine reduce its authority, but also it will lose a large number of users. Reducing the harm caused by such intrusion requires frequent backup of website data and key website programs, and it is better to pack them into local computers; Set the permissions of key documents; It is better to use full static pages for websites, because static pages are not easy to be attacked by hackers; Do not use weak passwords for ftp and background related passwords

(PHP program programming)

4. Hanging a horse or a black chain is not as harmful as the second, but it cannot be ignored. Once a search engine regards your website as a Trojan, it will be blocked or even blacklisted, so the problem cannot be ignored.

Here are some simple solutions:

1. Modify the user name and password of the website background and the default path of the background.

2. Change the database name. If it is an ACCESS database, it is better not to use mdb for the file extension, but to change it to ASP. The file name can also have several special symbols.

3. Then check whether there are injection vulnerabilities or cross site vulnerabilities on the website. If there are, it is equivalent to applying anti injection or cross site patches.

4. Check the uploaded files on the website. If there is a common fraud upload vulnerability, filter the corresponding code.
5. Try not to expose the background address of the website to avoid being guessed by social engineering to find out the management user and password.
   6. Write some anti hanging horse codes to make hanging horse codes such as framework codes invalid.
   7. Disabling FSO permissions is also an absolute method.
8. Modify the read and write permissions of some folders in the site.
9. If you are your own server, it is not only necessary to secure your website program, but also necessary to secure your server!
   If the attack is serious, you can give a network alarm.
Source Statement: This article is original or edited by Shangpin China's editors. If it needs to be reproduced, please indicate that it is from Shangpin China. The above contents (including pictures and words) are from the Internet. If there is any infringement, please contact us in time (010-60259772).
TAG label:

What if your website can increase the number of conversions and improve customer satisfaction?

Make an appointment with a professional consultant to communicate!

* Shangpin professional consultant will contact you as soon as possible

Disclaimer

Thank you very much for visiting our website. Please read all the terms of this statement carefully before you use this website.

1. Part of the content of this site comes from the network, and the copyright of some articles and pictures involved belongs to the original author. The reprint of this site is for everyone to learn and exchange, and should not be used for any commercial activities.

2. This website does not assume any form of loss or injury caused by users to themselves and others due to the use of these resources.

3. For issues not covered in this statement, please refer to relevant national laws and regulations. In case of conflict between this statement and national laws and regulations, the national laws and regulations shall prevail.

4. If it infringes your legitimate rights and interests, please contact us in time, and we will delete the relevant content at the first time!

Contact: 010-60259772
E-mail: [email protected]

Communicate with professional consultants now!

  • National Service Hotline

    400-700-4979

  • Beijing Service Hotline

    010-60259772

Please be assured to fill in the information protection
Online consultation

Disclaimer

Thank you very much for visiting our website. Please read all the terms of this statement carefully before you use this website.

1. Part of the content of this site comes from the network, and the copyright of some articles and pictures involved belongs to the original author. The reprint of this site is for everyone to learn and exchange, and should not be used for any commercial activities.

2. This website does not assume any form of loss or injury caused by users to themselves and others due to the use of these resources.

3. For issues not covered in this statement, please refer to relevant national laws and regulations. In case of conflict between this statement and national laws and regulations, the national laws and regulations shall prevail.

4. If it infringes your legitimate rights and interests, please contact us in time, and we will delete the relevant content at the first time!

Contact: 010-60259772
E-mail: [email protected]