ACCESS攻守:防止数据库被下载的几种方法
一、你用的是虚拟主机: 首先在你的MDB文件中建一个表.表中取一个字段名叫:NotDownLoad吧。 在表名建一个字段。字段中填入: 呵呵,再把数据库改名为.Asp的。为什么要取名为其实=’a’-1这里你可以乱输入只要不是正确的Asp语句就行了。因为这样把扩展名改成.
一、你用的是虚拟主机:首先在你的MDB文件中建一个表.表中取一个字段名叫:NotDownLoad吧。
在表名建一个字段。字段中填入:
呵呵,再把数据库改名为.Asp的。为什么要取名为其实=’a’-1这里你可以乱输入只要不是正确的Asp语句就行了。因为这样把扩展名改成.ASP后在IE中输入的时候。遇到了他就会去解释之间的代码,让他解释吧。呵呵会出错,所以数据库绝对不会正确的被下载
你让为安全了吗?呵呵还不安全。我们还得在数据库名前加上一个#号。 如:#Data.Asp这里的#号并不是用来作防止下载的。防止下载的刚才的过程已经作了解释。当你有多个MDB文件,并放在同一个目录下.如:某个网站(由于安全原因,就不公布了)的整站系统。如果我们猜到管理员MDB文件的位置并且从另一个系统中得到SQL注入漏洞的同时可以采用ACCESS跨库查询的方法。来取得管理员库中的记录。 如果我们在库名前面加上#号的时候,就算你猜测到了,我们也不怕 提交:select * from d:webdata#data.asp.admin
sql查询语句,系统会提示出错。因为#在SQL语法中有表示日期的作用.语法出错也就不会去执行查询条件了。(呵呵,此网站目前还有一个漏洞我用access跨库的方法攻击成功过!)
我认为比较安全的数据库就应该是#文件名.Asp 并且建一个临时表,表中有一字段 输入ASP代码,让ASP不能被正确的解释。
二、你用的是托管主机拥有主机权:
这种防下载的方法就太好办了。呵呵把你的数据库放到IIS以外的目录。打死我,我也下不了。如你的WEB目录在D:WebWebSite目录下. 那么就把数据库保存在D:WebData目录下,当然目前某些虚拟主机,也提供专门的data目录。
三、设置文件不可以下载
在IIS中,数据库上右键属性中。设置文件不可以读取
How does MySQL differ from SQLite?Apr 24, 2025 am 12:12 AMThe main difference between MySQL and SQLite is the design concept and usage scenarios: 1. MySQL is suitable for large applications and enterprise-level solutions, supporting high performance and high concurrency; 2. SQLite is suitable for mobile applications and desktop software, lightweight and easy to embed.
What are indexes in MySQL, and how do they improve performance?Apr 24, 2025 am 12:09 AMIndexes in MySQL are an ordered structure of one or more columns in a database table, used to speed up data retrieval. 1) Indexes improve query speed by reducing the amount of scanned data. 2) B-Tree index uses a balanced tree structure, which is suitable for range query and sorting. 3) Use CREATEINDEX statements to create indexes, such as CREATEINDEXidx_customer_idONorders(customer_id). 4) Composite indexes can optimize multi-column queries, such as CREATEINDEXidx_customer_orderONorders(customer_id,order_date). 5) Use EXPLAIN to analyze query plans and avoid
Explain how to use transactions in MySQL to ensure data consistency.Apr 24, 2025 am 12:09 AMUsing transactions in MySQL ensures data consistency. 1) Start the transaction through STARTTRANSACTION, and then execute SQL operations and submit it with COMMIT or ROLLBACK. 2) Use SAVEPOINT to set a save point to allow partial rollback. 3) Performance optimization suggestions include shortening transaction time, avoiding large-scale queries and using isolation levels reasonably.
In what scenarios might you choose PostgreSQL over MySQL?Apr 24, 2025 am 12:07 AMScenarios where PostgreSQL is chosen instead of MySQL include: 1) complex queries and advanced SQL functions, 2) strict data integrity and ACID compliance, 3) advanced spatial functions are required, and 4) high performance is required when processing large data sets. PostgreSQL performs well in these aspects and is suitable for projects that require complex data processing and high data integrity.
How can you secure a MySQL database?Apr 24, 2025 am 12:04 AMThe security of MySQL database can be achieved through the following measures: 1. User permission management: Strictly control access rights through CREATEUSER and GRANT commands. 2. Encrypted transmission: Configure SSL/TLS to ensure data transmission security. 3. Database backup and recovery: Use mysqldump or mysqlpump to regularly backup data. 4. Advanced security policy: Use a firewall to restrict access and enable audit logging operations. 5. Performance optimization and best practices: Take into account both safety and performance through indexing and query optimization and regular maintenance.
What are some tools you can use to monitor MySQL performance?Apr 23, 2025 am 12:21 AMHow to effectively monitor MySQL performance? Use tools such as mysqladmin, SHOWGLOBALSTATUS, PerconaMonitoring and Management (PMM), and MySQL EnterpriseMonitor. 1. Use mysqladmin to view the number of connections. 2. Use SHOWGLOBALSTATUS to view the query number. 3.PMM provides detailed performance data and graphical interface. 4.MySQLEnterpriseMonitor provides rich monitoring functions and alarm mechanisms.
How does MySQL differ from SQL Server?Apr 23, 2025 am 12:20 AMThe difference between MySQL and SQLServer is: 1) MySQL is open source and suitable for web and embedded systems, 2) SQLServer is a commercial product of Microsoft and is suitable for enterprise-level applications. There are significant differences between the two in storage engine, performance optimization and application scenarios. When choosing, you need to consider project size and future scalability.
In what scenarios might you choose SQL Server over MySQL?Apr 23, 2025 am 12:20 AMIn enterprise-level application scenarios that require high availability, advanced security and good integration, SQLServer should be chosen instead of MySQL. 1) SQLServer provides enterprise-level features such as high availability and advanced security. 2) It is closely integrated with Microsoft ecosystems such as VisualStudio and PowerBI. 3) SQLServer performs excellent in performance optimization and supports memory-optimized tables and column storage indexes.
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
SublimeText3 English version
Recommended: Win version, supports code prompts!
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
mPDF
mPDF is a PHP library that can generate PDF files from UTF-8 encoded HTML. The original author, Ian Back, wrote mPDF to output PDF files "on the fly" from his website and handle different languages. It is slower than original scripts like HTML2FPDF and produces larger files when using Unicode fonts, but supports CSS styles etc. and has a lot of enhancements. Supports almost all languages, including RTL (Arabic and Hebrew) and CJK (Chinese, Japanese and Korean). Supports nested block-level elements (such as P, DIV),
Zend Studio 13.0.1
Powerful PHP integrated development environment
