How to determine if a website has been poisoned or installed with a Trojan horse by hackers?
1. Judgment of website opening speed: If the website opening speed is obviously slower than the previous speed, ruling out the cause of the own network, then the website may be poisoned;
2. Check the source code: If you find that characters such as <script> or <iframe> are embedded at the top or bottom of the website code, it means that it is a Trojan horse;
3. Check the modification time of the file through FTP or log in to the server: Generally speaking, if a hacker modifies a website file, the modification time of the modified file will also change. If the modification time of some files is obviously later than other files, And we haven't changed it ourselves, so it means that the file has been modified by hackers, and may have been poisoned or mounted with a Trojan horse. You can find out by looking at the source file.
What should you do if your website is infected by a Trojan horse or poisoned?
First of all, we must understand the principle of a Trojan horse on a website. Generally speaking, it is because the program used by the website itself is from a free program on the Internet. The codes and vulnerabilities in it are well known to some hackers, and they are easy to attack, especially some ASP programs. Therefore, website construction should use as little free programs on the Internet as possible; after hackers find vulnerabilities, they will upload hacker Trojans to the website. This Trojan has the function of deleting the entire website and modifying all codes, but most hackers will modify the code of the source website. Add some of their Trojan horses and virus files, and then the people who visit are poisoned and become their broilers, or hang up their customers' hidden links, or achieve some unknown purposes.
After the website is attacked, first back up all website files to prevent hackers from deleting the website. Then find the files modified by the hacker and restore them one by one. Finally, find the hacker's attack point and plug the loopholes. However, it takes a while to find the hacker's attack point. You can find clues by checking the access logs of the website for a certain period of time. This period is the time when one of your files was tampered with by hackers.
How should a website prevent attacks?
1. Try not to use free website programs on the Internet, because once a vulnerability is exposed, the website will be very dangerous.
2. When writing the program, pay attention to filtering out illegal characters, especially the last file and the place where the file is written to the server. Try to choose a non-ASP programming language such as PHP to write, because most hackers are familiar with the vulnerabilities and attacks of ASP. Being careful can reduce the probability and risk of the website being hacked.
3. The security setting of the server should be at a high level. If there are multiple websites on the server, the permissions of a single website should be limited to a certain folder. Otherwise, if a hacker attacks one website, the entire server will be infected.
Reprints or pseudo-originals are requested to indicate the source: www.kmwzjs.com
The personal space of the author Kunming Website Construction. This article only represents the views of the author and has nothing to do with the position of Webmaster.com.
-