Shulou(Shulou.com)06/02 Report--

What if the virtual host database is deleted? Many novices are not very clear about this. In order to help you solve this problem, the following editor will explain it in detail. People with this need can come and learn. I hope you can gain something.

Some virtual host users have encountered the situation that the database has been deleted, if they do not take the initiative to operate, it is very likely that they have been attacked by hackers.

This phenomenon is mostly due to the fact that the mysql service or the server allows access to the external network, but the password of the server is too simple, and the mysqlroot account authority is used when the website program is connected, which leads to the disclosure of the mysqlroot account password when the website program is hacked, and the database is emptied after being cracked by hackers.

The following are common ways to manage virtual host database errors.

1, the server password is too simple: many webmasters save trouble, the server password setting is simple, easy to remember and log in, which often leaves room for hackers to crack. Webmasters in setting passwords, it is recommended to use letters, numbers, character combination of the password, as far as possible in 8-bit 10-bit or more. And change the password from time to time.

2. Website programs directly use root permissions: many webmasters do not set permissions when using the database, and website programs are directly connected to root permissions. Once the website program is cracked, the root account password will also be obtained by hackers. There are 5 tables of permissions in MySQL, the most important of which are user and db.

In the user table, except for all permissions in root localhost, xxxx% does not have permissions. If you need to activate the permission, it should be in the db table. Note: never use root and administrator privileges to run. At the same time, limit the permissions to a minimum!

From the point of view of the security type of website spatial database, the database is divided into Mysql, Mssql, Oracle and PostgreSQL, and MySQL database is the most used. if the front-end architecture of web is taken into account, Apache, IIS and nginx are all related to the database.

If there is still an exception in the database after we restore the database, open the general_log log. Record each command and wait for the next analysis (general_log records a large number of executed commands, so it is very resource-intensive and is turned off by default. It is recommended to turn off when there is nothing wrong with the system. Or contact the technical customer service of the cloud service provider for help, troubleshoot and solve the problem, and ensure the security of the database.

All virtual spaces deploy WAF defense in the application layer, filtering from GET/POST/HEADERS, effectively intercepting scanners, malicious spiders, PHPDDOS,SQL injection, XSS cross-site, WEBSHELL upload, etc.

Is it helpful for you to read the above content? If you want to know more about the relevant knowledge or read more related articles, please follow the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.