Most website intrusions are carried out with ASP Trojans, so this article aims to help ordinary virtual host users understand and prevent them. ASP Trojans can be prevented effectively only when space providers and virtual host users both take preventive measures!
1. What is an ASP Trojan?
It is simply a website program written in ASP; some ASP Trojans are even modified versions of ASP website management programs.
It is not essentially different from any other ASP program: any space that can run ASP can run it. This property makes an ASP Trojan very difficult to detect. The only difference from other ASP programs is that an ASP Trojan is one the intruder uploads to the target space to help control that space. Banning ASP Trojans from running would amount to banning ASP itself from running, which is obviously not workable, and that is why ASP Trojans are so rampant!
2. Principle of intrusion
To intrude, the attacker must first upload the ASP Trojan to the target space. This point is very important!
So how do intruders upload an ASP Trojan?
Ironically, intruders mostly use ASP programs with upload functions that already exist in the target space. Normally, ASP programs that can upload files have permission restrictions, and most of them also refuse to upload ASP files (for example, a news release program or picture management program that can upload images, or a forum program that can upload more types of files). However, because of human configuration errors and vulnerabilities in the ASP programs themselves, intruders can seize the opportunity to upload an ASP Trojan. Once the ASP Trojan is in the target space, the intruder can run it and take complete control of the target space.
Therefore, the key to preventing ASP Trojans is for virtual host users to ensure the security of the ASP upload programs in their own space!
To put it bluntly, do not give intruders the chance to upload files!
One additional point:
Space providers cannot foresee what programs a virtual host user will upload to their site or whether each program has vulnerabilities, so they cannot stop intruders from using vulnerabilities in the site to upload an ASP Trojan.
Space providers can only prevent intruders from using the hacked site to attack other sites on the same server.
This further shows that, to prevent ASP Trojans, virtual host users must keep strict control over their own programs!
3. Preventive measures
First of all, you can assess the risk of your website being hacked with an ASP Trojan according to the following security levels.
a. The website has no upload programs or forum programs.
---- Very safe
b. The website has upload programs or forum programs. Only the administrator can upload, and the program database is protected.
---- Moderately safe
c. The website has upload programs or forum programs. Many users can upload, and the program database has no protection.
---- Very dangerous!
These security levels only give a preliminary picture of how secure your own space is. The specific preventive measures are as follows:
1. We recommend that customers upload and maintain web pages through FTP, and avoid installing ASP upload programs where possible.
2. Calls to an ASP upload program must be authenticated, and only trusted people may be allowed to use it. This applies to all kinds of news release, shopping mall and forum programs: any ASP program that can upload files must require authentication! In addition, when the upload function is not needed, the ASP upload files (such as upload.asp, upfile.asp, etc.) can be renamed or deleted, and then renamed back through FTP or uploaded again when needed.
3. The username and password of the ASP program administrator must be complex, not simple, and should be changed regularly.
4. Download ASP programs from reputable websites. After downloading, you must change the database name and storage path, and the database file name should also be reasonably complex. We recommend that our company's customers use the .mdb database file extension, because our company's servers have an anti-download function set for .mdb files.
5. Keep the programs as up to date as possible.
6. Do not put links to the background management login page on your web pages.
7. To guard against unknown vulnerabilities in the program, you can delete the login page of the background management program after maintenance and upload it again through FTP the next time you do maintenance.
8. Back up important files such as databases regularly.
9. Carry out regular maintenance and check whether any ASP files of unknown origin have appeared in the space, especially in directories used specifically to store uploaded files, such as uploadfile, uploadsoft, etc. If unknown *.asp or *.exe files are found, delete them immediately, because 90% of these files are likely to be intrusion programs. Remember: one bit of sweat, one bit of safety!
10. Once you find that the site has been hacked, all files must be deleted unless you can identify every Trojan file yourself. Before re-uploading the files, reset the usernames and passwords of all ASP programs, and change the program database name and storage path and the path of the background management program again.
11. Install the necessary intrusion detection system and update the antivirus software in a timely manner.
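One way to automate the check in measure 9, as an added example that is not part of the original article: it audits a local copy of the site (for instance one downloaded over FTP) against a baseline of the files the owner published. The function names, the baseline format, the extra extensions .asa/.cer/.cdx and the sample files are assumptions made for illustration.

```python
import hashlib
import os
import tempfile

# .asp/.exe are from the article; .asa/.cer/.cdx are an added assumption.
RISKY_EXT = {".asp", ".asa", ".cer", ".cdx", ".exe"}
UPLOAD_DIRS = {"uploadfile", "uploadsoft"}  # directory names from the article

def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()

def audit(root, baseline):
    """Map relative path -> reason for each risky file; baseline is {path: sha256}."""
    findings = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            if os.path.splitext(name)[1].lower() not in RISKY_EXT:
                continue
            full = os.path.join(folder, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            parents = {p.lower() for p in rel.split("/")[:-1]}
            with open(full, "rb") as fh:
                digest = sha256_hex(fh.read())
            if parents & UPLOAD_DIRS:
                findings[rel] = "script or executable in upload directory"
            elif rel not in baseline:
                findings[rel] = "unknown origin (not in baseline)"
            elif baseline[rel] != digest:
                findings[rel] = "modified since baseline"
    return findings

def demo():
    """Audit a constructed sample site built in a temporary directory."""
    sample = {  # constructed file contents, not real site data
        "index.asp": b"<% ' home page, altered %>",
        "admin/login.asp": b"<% ' login form %>",
        "uploadfile/photo.jpg": b"\xff\xd8\xff",
        "uploadfile/Pic.ASP": b"<% ' unexpected script %>",
        "images/help.asp": b"<% ' unexpected script %>",
    }
    baseline = {"index.asp": sha256_hex(b"<% ' home page %>"),
                "admin/login.asp": sha256_hex(sample["admin/login.asp"])}
    with tempfile.TemporaryDirectory() as root:
        for rel, data in sample.items():
            path = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as fh:
                fh.write(data)
        return audit(root, baseline)
```

Record the baseline right after a clean upload and keep it off the server, so that a later comparison cannot be altered along with the site.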
Even if you take all of the above precautions, your space can only be called relatively safe. You must not be careless, because intrusion and counter-intrusion are an eternal war.