hosting server before entering the data center room, the system must have done in advance, but only installed system, open remote control is still far from enough. The first day we talked about is "hard security", now we can talk about some "soft security", master did not look again, also do not Paizhuan blow my enthusiasm, more do not despise me. The server has been hacked. Think back to it. Did you do all this?.
1, operating system security,
may be a friend often reaction, my server has been hacking into, every week I have to run at least two room, how do ah? In the installed operating system, immediately install an anti-virus software, and operating system patch upgrade, upgrade anti-virus software and virus database and feature database the. This time you can not blindly stroll on the server, the Internet viruses, Trojans and more. After the upgrade, do some basic security permissions, including the rights of each disk partition and directory, and even refine to the security settings of the relevant files. The settings for specific permissions are no longer discussed here. Different operating systems, different application directions, permissions settings are not the same. Do not follow the online tutorial intact, otherwise you will suffer a loss.
2, application security
recommends that you do not install any software that has nothing to do with your server, including the Windows operating system, the Linux operating system, and so on. The application software recommended that you use the latest version of the operating system, such as Windows FTP software under Serv-U, I believe in the server hacking case, there are more than 80% because the Serv-U server version is too low, combined with other local vulnerabilities invasion. A new version of the application has been promoted and of course there are reasons for it.
3, website and database security
has a friend, after finishing the program, directly uploaded to the server, the site erected, in the client can access regardless of, and this is also the wrong way. When writing a website program, the syntax and judgment of the program must be rigorous. After the database is installed, you must hit the latest database patch and make some basic permissions settings. After the website program reaches the server, you must set the permissions of the relevant directory in a timely manner. Although this does not guarantee the security of the entire server, it will at least greatly reduce the possibility of server intrusion.
4, antivirus software and firewall
may have friends complain, my server is installed anti-virus software, and a firewall, the server was hacked. It might be that your antivirus software is not configured or upgraded, or that the firewall is not configured. Including my friends will make such mistakes, installed antivirus software, just like ordinary applications!