1. Customize the 404 page and customize the transmission of ASP error information
404 allows hackers to batch search for some important files in your backend and check whether there are injection vulnerabilities in web pages. ASP is wrong, it may send the information that the other party wants to the unknown person.
2. Routine maintenance
a. Back up data regularly. It is best to back up once a day. After downloading the backup file, you should promptly delete the backup file on the host. b. Change the name of the database and administrator account regularly. b. Use WEB or FTP management to check the volume of all directories, the last modification time and the number of files, and check whether there are any abnormalities in the files. And check whether there are any abnormal accounts.
3. Modify the background file
Step one: Modify the name of the verification file in the background.
Step 2: Modify conn.asp to prevent illegal downloads. You can also encrypt the database and then modify conn.asp.
Step 3: Modify the ACESS database name. The more complex the better. If possible, change the directory where the data is located. 4. Restrict login backend IP
This method is the most efficient and should be a feature of every web hosting user. If your IP is not fixed, please change it every time. Safety comes first.
5. Choose your website program carefully
Pay attention to whether there are loopholes in the website program itself. You and I should be aware of whether it is good or bad.
6. Cookie protection
Try not to visit other sites when logging in to prevent cookie leaks. Remember to click Exit and close all browsers when exiting.
7. Create a Robots that can effectively prevent the use of search engines to steal information.
8.Self-test
Nowadays, there are a lot of hacking tools on the Internet, so why not find some to test whether your website is OK.
9. Modify account password
Regardless of whether it is business or not, the password is mostly admin. Therefore, the first thing you do after receiving the website program is to change the account password. Don't use the account password that you are used to before, change it to something special. Try to combine letters, numbers and symbols together. In addition, the password should be more than 15 characters.
10. Be careful when uploading vulnerabilities
As far as I know, upload vulnerabilities are often the simplest and most serious, allowing hackers or hackers to easily take control of your website. You can prohibit uploading or limit the file types that can be uploaded. If you don’t understand, you can contact your website program provider.
11. Directory permissions
Administrators are asked to set some important directory permissions to prevent abnormal access. For example, do not give script execution permission to the upload directory and do not give write permission to non-upload directories.