compared to when you just started doing web sites, the idea is very simple, have a good dream, considering all aspects are not very comprehensive. I do for the Amoy network (Taobao selling women’s promotion www.egouo.net) webmaster, just beginning to do a website when the idea is so simple, that everything is so beautiful, the first pot of gold ancient Amoy network quickly earned Taobao customers.
in order to launch as soon as possible Amoy women’s promotion website, in the network download a web site source code, and is not downloaded from its official website. With some simple modifications of my own, my first website was formally launched. But everything is so bad, no traffic, two did not earn Taobao Commission, three was also black two times. Take third, let me enough bitter brain, it is difficult to add up all the data were destroyed. Why is the site always attacked, old hackers, and so on, I need to think about and solve.
was black for the first time, no more thinking, think I made a few pages of loopholes (did not do SQL injection prevention), modify the pages, and began to re enter data. This morning, open a web page, 360 security guards began to desperately wrong, and a check and was black, and this time fortunately, did not lose much, because learned from the previous lesson, from time to time to backup the data. But why still be black, this time will have to study well, also consulted the space service provider! First my analysis, summary, share, say wrong, please forgive
1, the site should do a good job of SQL injection prevention work, whether it is their own code, or under the Internet, have to review it, download it may also exist vulnerabilities,
2, download the source code on the network, it is best to download its official website, downloaded elsewhere may have been modified, so that it is easy to use. What I’m using now doesn’t rule out this possibility. Before using it, it’s better to check its code and see if there’s a back door, "
3, it is best to change the table name in the database, of course, this also needs to modify the source code, in order to reduce workload, you can use software for batch modify source code. Since it is open source, anyone can download it, including hackers, who can analyze source code and database attacks.
4, decided to use the web site source code, it is best to study it, select those who have fewer loopholes in the source code, and promptly patched vulnerabilities. Today, I searched the version I used and found that there were many loopholes.
5, frequently do data backup, just in case,