Since we are looking at defence from the attacker's point of view, we first need to understand how attackers work. The most common way to compromise a website today is to find a bug in the web application and use it to obtain a webshell, then find a usable way to escalate privileges based on how the server is configured, and finally take control of the server. Configuring the server to defend against webshells is therefore an effective measure.
1. Prevent the database from being downloaded illegally
As everyone knows, an administrator with some security awareness will change the default database path of a web application downloaded from the Internet. There are, of course, careless administrators who install the application as soon as they get it and do not even delete the bundled instruction files, let alone change the database path. An attacker can then download the same application from a source-code site, find the default database path by testing it locally, download the site's database and read the user information and data inside (generally hashed with MD5), then find the management entrance and log in to obtain a webshell. In another scenario, an application error exposes the website's database path. How do we prevent this from happening? We can add an extension mapping for .mdb.
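Before changing the mapping, it helps to know which database files sit inside the served directory at all. The following is an added example, not code from the original article: it walks a web root and reports Access databases by extension and by file header, so a renamed database is still found. The function names, the `blocked_exts` parameter and the sample files are assumptions of this example.

```python
import os

# Jet (.mdb) files begin with 00 01 00 00 followed by this ASCII marker.
JET_MAGIC = b"\x00\x01\x00\x00Standard Jet DB"


def is_access_db(path):
    """True if the file starts with the Jet header, whatever it is named."""
    try:
        with open(path, "rb") as fh:
            return fh.read(len(JET_MAGIC)) == JET_MAGIC
    except OSError:
        return False  # unreadable file: cannot confirm by content


def find_exposed_databases(webroot, blocked_exts=()):
    """Return sorted (url_path, reason) pairs for Access databases in webroot.

    blocked_exts is an assumption of this example: the extensions the admin
    has already remapped so the server no longer returns them as downloads.
    """
    blocked = {e.lower() for e in blocked_exts}
    findings = []
    for dirpath, _dirs, files in os.walk(webroot):
        for name in files:
            full = os.path.join(dirpath, name)
            ext = os.path.splitext(name)[1].lower()
            by_content = is_access_db(full)
            if not (by_content or ext == ".mdb") or ext in blocked:
                continue
            rel = os.path.relpath(full, webroot).replace(os.sep, "/")
            reason = "jet-header" if by_content else "mdb-extension"
            findings.append(("/" + rel, reason))
    return sorted(findings)


if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as root:  # constructed sample web root
        os.makedirs(os.path.join(root, "data"))
        for rel in ("data/site.mdb", "data/backup.bak"):
            with open(os.path.join(root, rel), "wb") as fh:
                fh.write(JET_MAGIC)
        print(find_exposed_databases(root))            # both files reported
        print(find_exposed_databases(root, {".mdb"}))  # only the renamed copy
```

Anything still reported after the .mdb mapping is in place, such as a backup copy under another extension, should be moved out of the web root.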
Open IIS and add an MDB mapping so that .mdb files are parsed as another file type and can no longer be downloaded: “IIS Properties”—“Main directory”—“Configuration”—