How a webmaster can quickly deploy Security Dog to resolve CC attacks

  
The security software installed on the computer handles general SQL injection attacks without problems, until it encounters a CC attack. In this article, the author shows how to quickly deploy Security Dog to resolve CC attacks.

I have several websites at hand: one Z-Blog blog, one phpwind forum and one Discuz! forum. The traffic is not high, so a VPS with 512M of memory is enough, and the speed is usually not bad either.

But the websites fall into the network security category, so the attacks on them are also different. Fortunately, most of the time it is only scanning and reconnaissance; on the busiest day, a security monitoring tool detected 80,000 attack attempts. Because security software is installed, general SQL injection and similar attacks were still no problem, until the CC attacks.

The first symptom was that w3wp.exe consumed CPU resources, from 30% up to 100%.

At first, I thought it was a program or database problem. I checked the program on the VPS and found that it had not been tampered with, and then compressed the .mdb database, but this had no effect. At this point I felt that I was being attacked, so I downloaded analysis software and found that a large number of requests were multi-parameter submissions to the catalog.asp file of the Z-Blog blog program. This file reads the tags, and my website has many tags, so frequent queries inevitably lead to a sharp decline in performance.

As you can see, the execution speed of the catalog.asp file (in fact there are a few such files, but this one is the most obvious) has reached an unbearable level!
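The kind of log analysis described above, as an added example that is not from the original article or from any tool it used: it reads IIS W3C extended log text and reports clients that send a burst of requests to one script within a minute, along with the number of distinct query strings and the average `time-taken`. It assumes the listed fields are enabled in IIS logging; the log lines, IP addresses and the per-minute threshold are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample: 8 requests in one minute from one client to catalog.asp,
# each with different parameters, plus two ordinary requests from another client.
HEADER = "#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status time-taken"
SAMPLE_LOG = "\n".join(
    ["#Software: Microsoft Internet Information Services", HEADER]
    + [f"2024-01-01 10:00:{s:02d} 203.0.113.7 GET /catalog.asp "
       f"tags=t{s}&page={s} 200 {4000 + 100 * s}" for s in range(8)]
    + ["2024-01-01 10:00:05 198.51.100.20 GET /default.asp - 200 120",
       "2024-01-01 10:00:40 198.51.100.20 GET /catalog.asp tags=news 200 900"]
)

def parse_w3c(text):
    """Yield one dict per request, taking column names from the #Fields line."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            parts = line.split()
            if len(parts) == len(fields):  # skip truncated or malformed rows
                yield dict(zip(fields, parts))

def find_floods(text, max_per_minute=5):
    """Return (ip, uri, minute, hits, distinct_queries, avg_ms) for each burst.

    max_per_minute is an assumed threshold; tune it to the site's real traffic.
    """
    buckets = defaultdict(list)
    for r in parse_w3c(text):
        minute = r["date"] + " " + r["time"][:5]  # group by HH:MM
        buckets[(r["c-ip"], r["cs-uri-stem"].lower(), minute)].append(r)
    alerts = []
    for (ip, uri, minute), reqs in sorted(buckets.items()):
        if len(reqs) > max_per_minute:
            queries = {r["cs-uri-query"] for r in reqs}
            avg_ms = sum(int(r["time-taken"]) for r in reqs) // len(reqs)
            alerts.append((ip, uri, minute, len(reqs), len(queries), avg_ms))
    return alerts

if __name__ == "__main__":
    for alert in find_floods(SAMPLE_LOG):
        print("%s -> %s at %s: %d hits, %d distinct queries, avg %d ms" % alert)
```

Many hits with many distinct query strings and a high average `time-taken` on one script matches the symptom described here: each request forces a fresh, expensive tag query.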

I thought about deleting or renaming files such as catalog.asp, but that does not solve the problem. The loss of traffic and functionality caused by deleting this file is unacceptable to me; and if the file is renamed, the attacker can still attack the renamed file.

In fact, against such an attack, what can be done by hand is very limited!

I looked at several security protection products. Most of them defend poorly against CC: they cannot be called completely ineffective, but their defensive effect is limited. So I finally installed Security Dog!

Security Dog comes in two versions: Server Security Dog and Website Security Dog. The former mainly protects the server, and the latter mainly protects the web server. For a web server, it is recommended to install the two together.

Turn on DDOS protection in Server Security Dog:

Enable CC attack protection in Website Security Dog:

After that, the server's CPU usage came down. Although there are still momentary spikes, browsing the website is no longer affected, and the goal has been achieved.

Looking at the two products, they have quite a lot of functions:

Server Security Dog: system vulnerability repair, registry optimization, garbage cleanup, account security, remote desktop protection, application daemon, system resource daemon, scheduled operations, DDOS firewall, ARP firewall, network monitoring, IP firewall, email alerts, etc.

Website Security Dog: web Trojan scanning, active defense (SQL injection protection), hotlink protection for website resources, protection of specific website resources, CC attack protection, multi-threaded download control, IP blacklist and whitelist.

Installing and configuring the two Security Dog products is very user-friendly: clicking "Next" is basically all it takes. They can easily be used for system hardening and web security protection, which makes them very suitable for individual webmasters and IDCs.
