Operation and MaintenanceLinux Operation and MaintenanceWhat should you do if your company website is hacked? (Solution)What should you do if your company website is hacked? (Solution)
Many company websites have been hacked and attacked. The main thing involved is the development language of the website, including code language and database language. Most websites now use PHP, JAVA,. NET language development, the database uses mysql, oracle and other databases, so what should I do if the website is attacked? When running a website, it is common to be attacked. Especially some company websites and personal websites are not protected by full-time security technicians. As a result, the website is often attacked and often redirected to other websites. Some websites even fail. It has been hacked, and the title of the website's homepage has been repeatedly tampered with. Without professional security skills to protect it, facing such a problem can only be done in a hurry, and there is no good way. So our SINE security team will tell us how to deal with the problem of website being hacked. 
The symptoms of a website being hacked are as follows:
#1. Now in 2019, the website has been hacked The most common symptoms of an attack are that opening a website will automatically jump to other websites. The homepage file of the website is often tampered with, and the title and description of the homepage will be tampered with. Some websites with severe attacks are even blocked by Baidu's URL Security Center. Dropped, bringing a very bad user experience to users who visit the website.
2. Malicious black links are inserted into the code of the website. You cannot see these black links when you open the website normally. You can only find these links by checking the source code, and they are often found. Added to the very bottom of the website's homepage, there are some friendly links with text descriptions. Some of them will also hide the font size of these black links and reduce them to the smallest size so that you cannot find them at all. The purpose of attacking the website is to implant some black links. To add the weight of other websites on Baidu and get some traffic.
3. There are also some websites that have been attacked. The number of snapshots of the website in Baidu has increased significantly. Some even have tens of thousands of snapshots of the website, all of which have nothing to do with the content of the website itself. For some entries, the website is basically hijacked. Clicking on it from Baidu jumps directly to other websites. If you check the source code in the server, you will find traces of the attack. Usually there are some special names in the root directory of the website. Files, as well as some HTML files, especially websites with higher weight and higher traffic will be hijacked and snapshots will be entered.
4. The website cannot be opened due to the attack. When opening the website, it is fast and slow. The server's CPU is occupied to 100%, and the website cannot be opened at all. The database process is occupied to 100%, and the server is stuck. It cannot be operated remotely. These are basically DDOS traffic attacks and CC attacks. They use G bandwidth to attack the IP of the server, causing network congestion and making the website unable to be opened. This attack method is often used by peers to compete and offend others. .
5. When opening the website, it prompts that the database cannot be connected. The database was maliciously deleted by the attacker, and the code files of the website were deleted. Some websites prompt that they cannot be connected when opening, and even some website codes If you are infected by a ransomware virus or a mining virus, you will have the above attack symptoms.
6. Some websites have been attacked, mainly by tampering with members’ bet orders, changing members’ account passwords, including malicious withdrawals, malicious transfers, and changing members’ bank cards. Such attacks are often In order to obtain benefits, some membership systems have many levels of channels, which often become the target of attacks. They tamper with the database and add coins to their accounts, causing greater economic losses to the membership channel system.
What should I do if my website is hacked? How to deal with it?
Regularly back up the website code and database. Some websites use Alibaba Cloud servers. You can enable Alibaba Cloud's snapshot backup function to perform regular backup snapshots of the entire website server to prevent website data from being deleted or tampered with. Snapshots can be used to restore the website to its latest state in real time. Use CDN to accelerate the website domain name, hide the real IP of the website, and prevent attackers from conducting DDOS and CC attacks on the website.
The website’s system will be upgraded, patches will be applied to correct website vulnerabilities, a comprehensive security check will be conducted on the website’s security, and the website’s Trojan backdoor will be checked frequently to see if a website Trojan has been uploaded, and PHP script Trojan. Repairing website vulnerabilities and eradicating Trojan backdoors requires a lot of professional knowledge, not just knowledge, but also a lot of experience accumulation. Therefore, from building a website to protecting the website and protecting the server, try to find a professional website security company to handle it. Question, domestic security companies such as Sine Security, Green Alliance, and Venus Dou are relatively professional.
If you know the server well, you can also make security arrangements for the folder permissions of the website, including some picture directories. , JS directory, and cache directory can all be set without script execution permissions. Some template folders can be set with read-only permissions to remove PHP's running permissions. Update the password of the server frequently, change the backend address of the website, do not use the default backend address named admin, manage, houtai, etc., strengthen the password of the administrator account of the website, and use a combination of numbers, letters, and uppercase letters.
Related tutorials: Website Construction Guide Video Tutorial
The above is the detailed content of What should you do if your company website is hacked? (Solution). For more information, please follow other related articles on the PHP Chinese website!
Linux: How to Enter Recovery Mode (and Maintenance)Apr 18, 2025 am 12:05 AMThe steps to enter Linux recovery mode are: 1. Restart the system and press the specific key to enter the GRUB menu; 2. Select the option with (recoverymode); 3. Select the operation in the recovery mode menu, such as fsck or root. Recovery mode allows you to start the system in single-user mode, perform file system checks and repairs, edit configuration files, and other operations to help solve system problems.
Linux's Essential Components: Explained for BeginnersApr 17, 2025 am 12:08 AMThe core components of Linux include the kernel, file system, shell and common tools. 1. The kernel manages hardware resources and provides basic services. 2. The file system organizes and stores data. 3. Shell is the interface for users to interact with the system. 4. Common tools help complete daily tasks.
Linux: A Look at Its Fundamental StructureApr 16, 2025 am 12:01 AMThe basic structure of Linux includes the kernel, file system, and shell. 1) Kernel management hardware resources and use uname-r to view the version. 2) The EXT4 file system supports large files and logs and is created using mkfs.ext4. 3) Shell provides command line interaction such as Bash, and lists files using ls-l.
Linux Operations: System Administration and MaintenanceApr 15, 2025 am 12:10 AMThe key steps in Linux system management and maintenance include: 1) Master the basic knowledge, such as file system structure and user management; 2) Carry out system monitoring and resource management, use top, htop and other tools; 3) Use system logs to troubleshoot, use journalctl and other tools; 4) Write automated scripts and task scheduling, use cron tools; 5) implement security management and protection, configure firewalls through iptables; 6) Carry out performance optimization and best practices, adjust kernel parameters and develop good habits.
Understanding Linux's Maintenance Mode: The EssentialsApr 14, 2025 am 12:04 AMLinux maintenance mode is entered by adding init=/bin/bash or single parameters at startup. 1. Enter maintenance mode: Edit the GRUB menu and add startup parameters. 2. Remount the file system to read and write mode: mount-oremount,rw/. 3. Repair the file system: Use the fsck command, such as fsck/dev/sda1. 4. Back up the data and operate with caution to avoid data loss.
How Debian improves Hadoop data processing speedApr 13, 2025 am 11:54 AMThis article discusses how to improve Hadoop data processing efficiency on Debian systems. Optimization strategies cover hardware upgrades, operating system parameter adjustments, Hadoop configuration modifications, and the use of efficient algorithms and tools. 1. Hardware resource strengthening ensures that all nodes have consistent hardware configurations, especially paying attention to CPU, memory and network equipment performance. Choosing high-performance hardware components is essential to improve overall processing speed. 2. Operating system tunes file descriptors and network connections: Modify the /etc/security/limits.conf file to increase the upper limit of file descriptors and network connections allowed to be opened at the same time by the system. JVM parameter adjustment: Adjust in hadoop-env.sh file
How to learn Debian syslogApr 13, 2025 am 11:51 AMThis guide will guide you to learn how to use Syslog in Debian systems. Syslog is a key service in Linux systems for logging system and application log messages. It helps administrators monitor and analyze system activity to quickly identify and resolve problems. 1. Basic knowledge of Syslog The core functions of Syslog include: centrally collecting and managing log messages; supporting multiple log output formats and target locations (such as files or networks); providing real-time log viewing and filtering functions. 2. Install and configure Syslog (using Rsyslog) The Debian system uses Rsyslog by default. You can install it with the following command: sudoaptupdatesud
How to choose Hadoop version in DebianApr 13, 2025 am 11:48 AMWhen choosing a Hadoop version suitable for Debian system, the following key factors need to be considered: 1. Stability and long-term support: For users who pursue stability and security, it is recommended to choose a Debian stable version, such as Debian11 (Bullseye). This version has been fully tested and has a support cycle of up to five years, which can ensure the stable operation of the system. 2. Package update speed: If you need to use the latest Hadoop features and features, you can consider Debian's unstable version (Sid). However, it should be noted that unstable versions may have compatibility issues and stability risks. 3. Community support and resources: Debian has huge community support, which can provide rich documentation and
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
MinGW - Minimalist GNU for Windows
This project is in the process of being migrated to osdn.net/projects/mingw, you can continue to follow us there. MinGW: A native Windows port of the GNU Compiler Collection (GCC), freely distributable import libraries and header files for building native Windows applications; includes extensions to the MSVC runtime to support C99 functionality. All MinGW software can run on 64-bit Windows platforms.
Notepad++7.3.1
Easy-to-use and free code editor
WebStorm Mac version
Useful JavaScript development tools
Dreamweaver Mac version
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
