Shulou(Shulou.com)06/02 Report--

The editor will share with you what to do if the company's website is hacked. I hope you will gain a lot after reading this article. Let's discuss it together.

Many company websites are hacked and attacked, the first thing involved is the development language of the website, including the code language, as well as the database language. Now most websites are developed using PHP,JAVA,.net language, and the database uses mysql,oracle and other databases, so what should be done if the website is violated? Operating a website, always being invaded occurs from time to time, especially some corporate websites, as well as individual sites, are not protected by full-time security skilled personnel, resulting in websites often being attacked and often redirected to other websites. even some websites have been hung up, the title of the home page of the website has also been repeatedly tampered with, without professional security skills protection, facing such a problem can only be in a hurry, there is no good way. So our SINE security aims at the problem that the website is invaded, let's tell us how to deal with this problem.

The symptoms of the website being violated are as follows:

1. Now the most common symptom of website invasion in 2019 is that opening the site will actively jump to other sites, the home page files of the site will often be tampered with, and the title and description of the home page will be tampered with. some ferocious websites have also been intercepted by Baidu's URL Security Center, bringing poor user experience to users who visit the site.

two。 The code of the website is pierced into the malicious black chain, normally open the foundation of the site can not see these black chains, can only be found by looking at the source code to find these links, are often added to the bottom of the home page of the site, are some friendly links to trace the text, and some will hide the font size of these black chains to a minimum, so that your foundation can not find them. The intention of attacking the website is to implant some black chain to add the weight of other sites in Baidu and get some traffic.

3. There are also some websites that have been invaded by a big increase in the number of snapshots of Baidu, and some have even entered tens of thousands of snapshots of websites, all of which have nothing to do with the content of some websites, all of which are hijacked. Click from Baidu to jump directly to other websites, and look at the source code in the server to find signs of being invaded. Generally speaking, there are some special named files under the root directory of the website, as well as some html files, especially the websites with high weight and high traffic will be hijacked and recorded.

4. The website can not be opened by the invasion, the opening of the website is fast and sometimes slow, the CPU of the server takes up 100%, the foundation cannot open the website, the database process takes up 100%, and the server can not operate over long distances. These bases are all DDOS traffic attacks and CC attacks, the use of bandwidth G to invade the IP of the server, resulting in network congestion, so that the website can not be opened. Peer competitions and offending people often use this offensive technique.

5. The opening of the website indicates that it is unable to connect to the database, the database is intentionally deleted by the offender, the code file of the website is deleted, and some websites are prompted to be unable to connect, and even some websites have blackmail virus in the code. or mining viruses will show these symptoms.

6. Some websites are invaded, mainly to tamper with members' notes, modify members' account codes, including malicious withdrawals, malicious transfers, and revision of members' bank cards, such attacks are often in order to gain benefits, and some member systems have many channels, which often become the policy of invasion, tampering with the database, giving their own accounts Canadian currency, and bringing greater economic losses to the member channel system.

What if the website is invaded? What should I do with it?

The code of the website and the database are often backed up, and the Aliyun server used in some websites can enable the snapshot backup function of Aliyun, and make a punctual backup snapshot of the entire website server to avoid website data being deleted and tampered with. Be able to use snapshots to recover the site to the latest situation. Use CDN to speed up the domain name of the website to hide the real IP of the website, so as to prevent the intruder from attacking the website with DDOS and CC.

The website system carries on the promotion, fixes the website gap, carries on the comprehensive security inspection to the website security, as well as the website Trojan back door often carries on the check, whether has uploaded one sentence website Trojan, as well as the PHP script Trojan. The repair of website cracks and the eradication of the back door of Trojans require a lot of professional common sense, not only common sense, but also a lot of experience, so from doing websites to protecting websites, protecting servers, and finding professional website security companies as far as possible to deal with problems, domestic security companies such as Sine security, Green Alliance, Qiming Star and other security companies are more professional.

If you know more about the server, you can also safely arrange the folder permissions of the site, including some picture directories, JS directories, cache directories, all of which can be set without script performance permissions, and some template folders can set read-only permissions to remove the operating permissions of php. Often update the password of the server, change the background address of the site, do not use the default admin,manage,houtai and other names named background address, strengthen the password of the administrator account of the site, number + letter + case combination.

After reading this article, I believe you have a certain understanding of how the company's website is hacked. You want to know more about it. Welcome to follow the industry information channel. Thank you for your reading!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.