before a hijacked "tell those things" we talked about the common website hijacking problem, this time, Jun once again invited to talk about how the eagle, specific defense website hijacking and hijacking after we encountered how to deal with
for us?We often say
website hijacking mainly is caused by website vulnerabilities, and now most of the site does not have the ability to safeguard the autonomy, which leads to the hijacking of the road more walk more far, below we will come from the angle of tool to help owners most likely to defense and Du free.
conventional protective measures
The use of
website system of the site, often encounter some large-scale outbreak of conventional vulnerability, this kind of vulnerability, fixes official updates faster, the size of the site will need to focus on the update, especially the use of open source site.
of course, we can not always pay attention to information, but also missed the opportunity to repair the opportunity to do,
?Safety observation platform
site using third party, non contact detection, also with the notification text messages and emails, especially for owners to use here, I recommend Baidu cloud observation and Baidu security index of these 2 products, of course, there are other testing platform, here we choose.
but what you should pay special attention to is not to use too many monitoring platforms, the monitoring platform will check regularly, and the test will bring some pressure to the server.
cloud service protection
is currently the fire of several cloud hosting platform provides some security software vulnerabilities, after all the outbreak must be earlier than the repair, but some manufacturers are also not be in a hurry to patch to repair, then use this kind of product such as Ann knight, the technical team of cloud service providers for the first time seamless or shielding vulnerabilities at least can support the manufacturers released vulnerabilities so far.
cloud services in addition to the security component, we should also see a security group called something simple is the firewall port strategy, the port can be directly in the cloud control panel, such as the recent burst of the equation of 0DAY, if you only need the port, actually no need to repair. In general, we open the remote port, HTTP/HTTPS port, FTP port is basically enough, such as no special services can be closed, it can save a lot of trouble.
server side protection
in the server, we can install third party antivirus, protection software, these software with most of the common protection mechanism, against the general white enough.
currently on the market, "safe dog" and "cloud shield" are excellent Server Protection software.
I generally recommend sites that are sensitive, dynamic, static, isolated, read, store, and separate. We all know that websites have been hijacked, and the most common thing is to be mentioned, if…