Hot Article
- Centos7 closes and restarts the system firewall and opens firewall ports
- How IID server uses Xshell to connect to Linux (centos) server
- BT panel forgets the background login URL, and the solution to the security entrance verification failure
- The php domain name points to ip, how to use the specified ip address to access a server in the url request domain name in curl mode
- How to purchase a dedicated server
- Error connecting to MySQL: Cant connect to MySQL server (10060)
What to do if the server is compromised (2023 detailed solution)
- Author:Sven
- Category:Server Maintain
- Release Time:2023-03-16
Living in the network era, servers/computers being invaded or attacked can be unpreventable and costly. Events like intrusion into the server to steal and delete data, ransomware viruses are common, making many companies and game development teams suffer. To sum up the lessons learned, learn from the mistakes, network viruses, hackers are everywhere, we must remain vigilant, prevent problems before they occur, and develop good preventive measures to ensure the stability and security of the server.
How to do when the server is invaded? For the server invasion to pay attention to the following aspects.
1, regular replacement of the server account, password and port, the password should contain upper and lower case letters, numbers and special symbols.
2, the server regularly antivirus, check the virus. For example, the installation of Computer Manager, 360 security guards and other software protection, update the virus database to the latest version;
3, regular backup of server file data. It is recommended that the data be backed up to the cloud or network disk, if you just back up to the server in a disk, ransomware virus will also affect the backup file, there is no point; backup after the network disk to exit the login, the network disk is recommended not to check the remember password.
4, the server is best to open the firewall settings, and then open the relevant security access ports, such as 80, 22, 443, etc.;
5、Regularly check and analyze the system event security logs to see if there is hacking, find out the relevant suspicious ip, to restrict ip access.
6, the server can be set to prohibit ping command
7、Continuously improve the security performance of the server system, timely update the system patch
8, the implementation of file and directory control permissions. System files are assigned to administrator privileges, and internal website files can be assigned anonymous user privileges.
9, careful use of shareware, shareware and freeware often hide backdoors and traps, if you want to use, be sure to check thoroughly. In addition, common applications such as browsers and input methods are recommended to be downloaded from official websites to be more secure.
related topic
- What should I do if the proxy server link fails to respond?
- inuxfind-name fuzzy query
- linux how to change the user password (linux command to change the password)
- What to do if a cp: omitting directory error occurs in Linux (detailed solution)
- How to change the password of Windows server 2008 server?
- How to block foreign IP access on Linux server?