Detailed explanation of website being hacked (how to deal with being hacked)
The right way 2021-02-23 01:01:09
One 、 What is a website “ Be black ”?
  • Website is hacked , It refers to the program that hackers use the website 、 Security vulnerabilities in settings, etc. or administrator Security Oversight ( Such as low password complexity ), Not authorized by the Administrator , The website has been tampered with ( For example, add spam content or add other web pages ) Or inject malicious code into the website .

 The website is explained in detail by black issues ( How to deal with it " Be black ")- The most complete explanation

Two 、 How to know if “ Be black ”?
  • Analyze system logs 、 Server log , Check the number of pages on your site 、 Whether there is abnormal fluctuation of flow etc , Whether there is abnormal access or operation log
  • Check if there is any abnormal modification in the website file , Especially the home page and other key pages .
  • Whether the website page references the resources of the unknown website ( picture 、JS etc. ), Whether the exception link of the outstation is placed .
  • Check whether the website has abnormally added files or directories .
  • Check whether there is non administrator packaged website source code in the website directory 、 Unknown txt Documents, etc. .

3、 ... and 、 How to deal with it “ Be black ”?

Step one: avoid the problem expanding

  • Shut down your website immediately to avoid infecting other websites ( If you have access to your own server, it is best to configure it to return 503 The status code ).
  • Contact your own network hosting provider to see if you have taken steps to solve the problem .
  • Change passwords for all users and all accounts ( for example ,FTP Access password 、 Administrator account password 、 Content management system authorization account password ).
  • Delete all pages changed by string or added maliciously , And through the platform of Sogou webmaster, through the dead chain submission, we are informed to delete the black data in Sogou search results .

  • Step two Assess the loss
  • Use the latest scanner to scan your computer , Find out any malicious code that may be added by hackers . Please be sure to scan everything , Instead of just scanning text-based files , Because malicious content tends to be embedded in images .
  • Delete the webpage or website that is blacked out . This prevents the system from providing users with a blacked out web page .
  • Report to us the web page of online deception ( sogou : Baidu :
  • see For the website being hacked ( ) Treatment method .
  • If you have other websites , Please check if they are also black .

  • Step three If you have access to your own server , Please continue with the following steps
  • Check if there are any open redirect URLs in your website that have been attacked .
  • According to the website platform used , Check .htaccess file (Apache) Or other access control mechanisms , To find out malicious changes .
  • Check the server logs , To see when the file was blacked ( remember , Hackers can change logs ). Look for suspicious activity , For example, failed login attempts 、 command ( In particular, commands issued as root users ) History or unknown user account .

  • Step four Clean up your website
  • Clean up your content , Delete all pages added by hackers according to virus scanner identification results 、 Garbage content and suspicious code . If you back up the content , Then consider deleting your content completely , Then replace with the latest known good backup ( It has been verified that there is no loophole and no black content in a backup ).
  • Step five If you have access to your own server , Please continue with the following steps
  • Update all packages to the latest version . We recommend that you use a reliable source to completely reinstall the operating system , To ensure that all content tampered with by hackers is removed . in addition , If the blog platform is installed 、 Content management systems or any other type of third-party software , Be sure to reinstall it or update it accordingly .
  • Make sure your website doesn't contain any loopholes and change your password again .
  • Set the system to be publicly accessible . Change server configuration , Make it no longer return to 503 The status code , And take all other necessary measures to open its website to the public .
  • Step six Apply for unblocking
  • When you follow the above tips to remove the exception carefully , Apply to unblock your website , Submitting an application without completely excluding all exceptions will not pass our inspection , And then there's no way to unblock .
  • The complaint processing cycle of the website is generally 20~30 A working day , The staff will check the content of your site , When all abnormal conditions are completely eliminated , Your site will be unblocked .

Four 、 How to prevent “ Be black ”?
  • Check the server log regularly to find problems , Check for suspicious access to non foreground pages .
  • Often check whether the website files have abnormal changes or additions .
  • Focus on the operating system , And the official website of the program used . Download the patch in time , Fix security holes ; If necessary, it is recommended to update to the latest version .
  • Modify the default file name of the key file of the open source program , Cheaters usually determine whether a program is used by automatically scanning the existence of certain files .
  • Modify the default administrator user name , Improve the password strength of the management background , Using letters 、 A combination of numbers and special symbols .
  • Shut down unnecessary services and ports
  • Turn off or restrict unnecessary Uploads .
  • Set up firewall and other security measures .
  • If problems recur , It is recommended to reinstall the server operating system , And re upload the backup website file .
  • Lack of professional maintenance personnel for the website , It is recommended to consult a professional safety company .

Content reference source : Sogou webmaster platform Organize resources : changzhou SEO Mu Mu blog

Others are searched by black questions : What if the website is mirrored ?( Advanced mirror suggests prevention )

Originality is not easy. , Original address source :

本文为[The right way]所创,转载请带上原文链接,感谢