Many websites are now being hacked by some hackers because the source address of the database is obtained by hackers, and the database files are controlled by hackers, and the website is hacked. So I researched IIS and thought of a way to securely configure IIS to prevent the database from being downloaded. After configuration, even if the hacker gets the location of the database and the file name of the database, the hacker can't download it to your database file through any software. Keep the server's database in a safe place! Is it very cool, in fact, it is very simple, as long as you set a redirect URL for the database file.
Let's take an example, let's say I want to build a website, the domain name is netpk.com, use asp plus access database interactive dynamic home page, the database file is not encrypted, as long as the hacker downloads the database, you can get the website admin Control, the home page file name is index.asp.
The address of the database file is in the file of conn.asp. Suppose our database is named netpk.mdb. The database file is in the root directory of the net. We just need to set the file redirection URL to the file conn.asp. On the line, as shown below, we first set the conn.asp file redirect URL, and then set the netpk.mdb file redirection in the net folder under the root directory. Very simple, through the above security configuration, your dynamic website can be used normally, but hackers can't download your database. If the hacker knows your database location, then the hacker downloads your database file with those download tools. Netpk.mdb this file, the hacker downloaded only the home page of http://netpk.com, can not download the database file, because the database has been set to redirect, all the connections to the file address of this database will be Redirect the connection to the home page of http://netpk.com. The hacked database file will be your home page index.asp .
You can now safely tell your database address to see if anyone can download your database normally, huh, huh!
Note: Because I have to go to work, time is limited, just casually studied, did not do too many database download tests, but in theory it is impossible to successfully download the database. If you have any way to download the database after getting the database address, please contact me for communication technology, thank you.
As you can see from the prompts, this upgrade will result in the inability to restore the domain to
Todays servers pseudo-static life and death cant be loaded, and many reasons cant
The subject of this article is the SELinux configuration on RHEL 5. RHEL also provides a graphical u
Like a normal desktop processor, a server processor is also the core device in a s
Upgrade the server Have you considered these ten things?
Windows + IIS environment to configure php 5.3.3 method in Fastcgi
R630 G5 boot error 84FF: system event log is full solution
Win7 IIS 7 ASP gets the system date format as a slash solution
Windows Hyper-V Server 2008 R2 VHD virtual disk maximum support capacity
How to use the write verification function of SureSCSI 212 disk array
Server Migration: Reduce Downtime and Risk Avoidance
Network administrator security training camp - protect the black box of Windows
One IP to build multiple Web sites - Host Header Method
How to connect WiFi to Win8 laptop
Win8 shortcut method for viewing file details
Windows 8 does not automatically enter the desktop after booting, what should I do?
After Win8 delete stubborn software with graphic tutorials
How to use the split screen function of Win8?
Win10 Build 10049 Registry Editor has been upgraded