Solution for website being suspended

There are many reasons why the server is suspended , Before it's solved , First of all, we need to find out the type of hanging horse , The more common ones are ARP Hang horse and non ARP Hang a horse .　　 Let's talk about it first. ARP Hang up , In the machine room ARP Of Trojans , New friends will feel very magical , Look at the information that the website program has not been injected on the server , When you visit the Internet, it indicates that there is a virus . This is it. ARP The phenomenon of hanging horses ： （IE During the interview , The site has been suspended , But when viewing the actual file on the server , It is found that the file on the server has not been modified .） Generally, we can't solve this situation , You can only contact the computer room ,

Check that it is hung ARP Virus machine , Isolate and kill the virus !

Next, let's talk about non ARP Hang a horse , At present, it is more common to asp and .net Trojan horse . They call fso and io Component for batch hanging of website programs . Therefore, the most direct way to prevent this trojan horse is to control the permissions of these two components , The website directory only gives read permission , Update Rongru in the site ： To upload pictures , Plug ins are best used ftp Upload , There is also the control of the website program , All operations such as uploading should be verified . Of course , Sometimes I get hung up because of a moment's negligence

The following are divided into the following types and solutions according to the number of suspended websites :

　(1) Individual websites are suspended .

　　 The phenomenon : Only one or two websites have been suspended , There is no problem with other websites .

　　 solve : Generally, there is a problem with the website itself . You can inform the customer to solve it by yourself , Do not belong to IDC Scope of responsibility of the provider .

　　 If you want to help customers solve , You can first check to see if there is WEB Upload program , HTML Online programming program , Image online upload program , Most of these programs have problems .

　　 There are friends who use Liqing virtual host management system , If you don't need this kind of program , Sure WinIIS Set the permissions of the main directory of the site in the control panel , Remove the write permission , Just leave read-only and execution .

　(2) Websites of the same type are tagged .

　　 The phenomenon : Several websites were suspended , And the website content of the suspended horse is the same type of website , For example, use the same forum program , The same online upload program , The same kind of mall .

　　 solve : Most of them are due to loopholes in such forums or mall programs . It is suggested to upgrade the relevant programs .

　(3) Most websites of the whole server have been suspended .

　　 The phenomenon : The server has been suspended on most websites , This is mostly caused by the overall security problem of server security .

　　 solve : Generally, you need to check the security of the server from the following aspects . And after finding out the problem , If you are not sure , It is generally recommended to reinstall the server , To eradicate .

　　 Check whether there is a problem with the permission setting of the disk , Special C Disk permissions . Whether other disks have special unnecessary permissions , General advice

　　 Other drive letters and d:\www\web\ The directory only leaves administrators And system Authority is fine , Don't leave any other users' permissions .

　　 Check serv-u No management password is set

　　 Check MSSQL Of SA Is the password too simple or empty

　　 Check the startup items of the system , See if there are unnecessary programs to start .

　　 Check the task manager , See if there is any suspicious process

　　 Check the service of the system , See if there is any suspicious service startup