Vps security settings

Summarize the security settings of the VPS

, a total of 11 articles, you should look carefully and take precautions! First, the default sharing is prohibited. Method 1: Create a notebook and fill in the following code. Save as *.bat and add it to the startup project net share c$ /del net share d$ /del net share e$ /del net share f$ /del net share ipc$ /del net share admin$ /del Method 2: Modify the registry, (note that you must first back up the registry, backup method before modifying the registry. In the run > gtedit, select file to export, take a file name, export can be, if you modify the registry failed, you can find the export The registry file can be double-clicked to run.) HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\LanmanServer\\Parameters New “DWORD value"value name"AutoShareServer” Data value is “0” Second, remote desktop connection configuration. Start > Programs > Administrative Tools > Terminal Services Configuration > Connections Select Right > RDP-tcp & rdquo; Connect Right-click Properties ==> Permissions to delete other users, only keep system, add administrator (not administrators), set These two users (system and administrator) are "full control" permissions, so that even if the server is created by other administrators, you cannot use Terminal Services. Third, serv_u security settings (note that you must set the management password, otherwise will be privileged) Open serv_u, click & ldquo; local service & ldquo;, click on the right & rdquo; set /change password & ldquo;, if no password is set, & rdquo; The password is blank, fill in the new password and click & rdquo; OK “. Fourth, close 139, 445 ports 1 control panel  network  local link  properties (check here to cancel & rdquo; network file and printer sharing & rdquo;)  tcp /ip protocol properties  advanced  WINS  Netbios settings == gt; disabled Netbios, you can close port 139. 2 close 445 port (note that you must first back up the registry before the registry, backup method. Run >gtedit, select file to export, take a file name, export can, if If the registry fails to be modified, you can find the exported registry file and double-click it to run.) HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Services\ etBT\\Parameters New “DWORD Value The value is named“SMBDeviceEnabled” The data is the default value“0&rdquo Fifth, delete the unsafe components WScript.Shell, Shell.application These two components are generally used by some ASP Trojans or some malicious programs. Method: Enter the following command in "Run", respectively. 1regsvr32 /u wshom.ocx Uninstall WScript.Shell component 2regsvr32 /u shell32.dll Uninstall the Shell.application component. 3regsvr32 /u %windir%\\system32\\Wshext.dll VI. Set iis permissions. Create a separate user for each website. (The following is only the permission setting of one of the sites. If there are multiple sites on the vps, other sites will set different internet guest users according to this site.) 1 First, right click on “My Computer"Management" Local Computer and Group users, on the right. Right click on “new user”, create a new user, and set a password. Figure:

For example: This test add test users for a site visit.