Shulou(Shulou.com)05/31 Report--

Website development website hijacked to other sites how to solve, I believe that many inexperienced people do not know what to do, so this paper summarizes the causes of the problem and solutions, through this article I hope you can solve this problem.

Some time ago, the website was hacked. The website opened by Baidu was directly hijacked and transferred to the index.html ticket, Dubo website, and the home page of the website was also tampered with into some key words of Beijing sai car, pk10, and some cai tickets, so that the website could not browse normally at all. Search our company URL from Baidu, and it was directly intercepted by Baidu. Tip what: Baidu URL Security Center reminds you that there may be illegal information on this page! The screenshot is as follows:

On how to solve the problem that the website is hacked and prevent the website from being hijacked, let me tell you in detail about my solution: first of all, our company's website is developed by dedecms system, using PHP development language, and the database is mysql. The main reason why the website was hacked this time is that there is a loophole in the dedecms code, which led to the attacker taking advantage of and uploading the webshell, that is, the website Trojan, and tampering with the home page of the website. The hijacking jumped to another website. Why are there vulnerabilities in the dedecms open source system? Why are corporate websites developed using dream weaving often attacked? Some people may think that the security protection of the server is not good, and the code is not well written. In fact, in the final analysis, there are loopholes in all the website systems disclosed on the Internet. You see, like the win7,win10,windows2008 we are using now, they are all developed by Microsoft and developed by some very powerful experts. But Microsoft's system still has loopholes. Why does the Security Center always suggest that vulnerabilities need to be fixed? Has been patching, loophole patches have never been broken, for the company's website to use dream weaving code, many companies also use, the more people use, many people will go to dig the loophole of the site, the loophole excavated our website will be attacked, resulting in the site was hacked, hijacked jump.

First of all, connect to the FTP of the website, download the source code, and download the code of the entire website to our own computer. After downloading, we carefully check the security of each code file, find some abnormal content or code to record, and compare the backup files of the previous website, you can find the problem. I found that the most obvious traces of the tampering of the company's website are the home page, title and description of the website, which have been tampered with into the contents of Beijing sai cars and PK10,cai tickets. Delete these codes, the website returned to normal, I thought there would be no problem, less than a day later was tampered with and jumped to other websites, consulted some professional security technology, said that there are loopholes in our website, you only delete malicious code, did not fix the loopholes, just like you can not solve the fundamental problem, then I realized that the dedecms website vulnerabilities were fixed And checked whether there is a website backdoor file, found 1.php in the data directory, and opened the Trojan back door that is a sentence. It is then deleted.

1. The rest is the detailed security deployment, and the backend address dede of the website has been changed, because the dede directory is the default administrator backstage address. Many people know that if there is a sql injection vulnerability in the website, the administrator password will be leaked and will be maliciously logged on to the backend to lift rights.

two。 Add a layer of security verification when logging in at the backend, in addition to the account password verification code, there is another layer of security verification, although it is more troublesome, it can prevent attackers from cracking your account password, there is no way to take you without the security verification code.

3. Strictly filter the upload function of the website, prohibit the upload of PHP script files, set security permissions on the directory of pictures, and cancel the execution rights of PHP.

4. If you are familiar with your own website, but not your own, it is recommended to find a professional website security company to deal with the problem of website hacking and hijacking, and help you repair website vulnerabilities, such as Sinesafe, Green League, those security service providers that specialize in website security protection to help.

5. Patch the website loopholes in time, if you don't know how to fix it, suggest a professional website security company to solve it. Another is that the background management account password of the website is set to letter + character + number + case and is satisfied with more than 10 digits, which is generally not guessed. Regularly back up the website, including code backup and database backup.

Finally, note: back up the data and source code of the website regularly, download it and save it locally, and upload it to the network disk just in case.

After reading the above content, do you know how to solve the problem that the website is hijacked to other websites in website development? If you want to learn more skills or want to know more about it, you are welcome to follow the industry information channel, thank you for reading!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.