What if the website is poisoned

2022 The Spring Festival is coming , But as a webmaster, the busiest thing every day is to send articles for optimization , Let the website have a better ranking so as to bring many customers , But recently, the website has always been poisoned and the information has been tampered with , This causes the contents of the snapshot to be tampered with , The home page file under the website directory is always tampered with repeatedly , Speaking of this , Many webmasters can understand the losses caused by website poisoning , In light, the ranking goes down , The most important thing is to lower the power , So the website bug fixes SINE Security technology is introduced in detail .

Why websites are poisoned , What if the website is poisoned , How to find out the specific symptoms after being hanged , How to solve and quickly restore access

The daily work of the website administrator is to check the articles published by the website and the ranking of the website in Baidu , The first symptom of website poisoning is to check the source code of the home page , It is found that the title description and keywords are encrypted , And from Baidu search keyword click directly jump to other sites , It is normal to enter the domain name directly and open it from the browser , This is because the poisoned code implanted by hackers contains the judgment of source conditions , If it is a direct jump from a search engine , If it is opened by directly entering the domain name, the display is normal .

Why is the website poisoned , First of all, if the source code of the program used by the website is open-source, there must be many loopholes , image DEDECMS Or empire CMS as well as phpcmsV9,WP Procedures, etc , The upload function in the program code or the background ultra vires and cross site attacks lead to the intrusion of the website , Some are that the background account and password of the website are too simple , Because when the station building company handed over , No more changes have been made , As a result, hackers directly log in and tamper with weak passwords , Another is to use a separate server ,ASPX Architecture of the website with win2008 win2012 win2016 Systematic IIS Environmental Science , In itself aspx You have more authority , If a site in the server is invaded, it will be involved in all websites .

How to solve the website poisoning ？

Always keep a backup , Once the poisoned website files are tampered with, the backup will be restored directly , Resume normal access , So as not to be degraded , To check for recently modified files , And the background login record of the website to see if there is any suspicious IP, If it is a separate server , To check all web sites in the server for suspicious script files , Check the attachment directory for files with script suffixes , You can also trace the source of the access log , You'll find clues , The most important point is to audit the program code , Fix website vulnerabilities , Because if you solve the problem by simply restoring the backup, you will solve the symptoms rather than the root cause , Because there are loopholes , To find the root of the problem , If you are not familiar with the code, you can ask the website vulnerability repair company for help , image SINESAFE, Eagle Shield Security , Qiming Xingchen and others have decades of practical security protection experience in website vulnerability repair .