Version 2.1 released
Fixed special folder options
Added multiple webshell features
Enhanced SQL injection prevention, etc.
Fixed some bugs
----------------------------------
1.Web firewall
Web firewall is a software platform that runs on webserver and is between webserver and webapp in terms of data flow. It mainly protects web applications from the threat of dangerous data and ensures the security of data and applications.
1.1 Flow control. Currently, P2P software is rampant on the Internet, and multi-threaded downloads (such asThunderetc.), causing the website's only bandwidth resources to be severely exhausted, which not only affects the normal browsing of the website, but also requires a large amount of payment for additional traffic. Niudun IIS Firewall can effectively solve the traffic loss caused by multi-threaded downloads and help webmasters win network opportunities.
1.2 SQL injection. Nowadays, various SQL injection tools are flooding the Internet. What's more, the Mass SQL Injection of automated worms can cause thousands of websites to be hacked in a day, seriously damaging the corporate image and data security. Niudun IIS firewall uses injection simulation technology to effectively intercept various variant injections, effectively prevent GET, POST, and COOKIE injections, helping enterprises turn the tide on the Internet and win survival space.
1.3 CC attack. In today's increasingly fierce Internet competition, unfair competitive relationships have caused one party to carry out serious CC attacks on the other party's website, followed by website paralysis and a sharp drop in visits. Niudun IIS Firewall can powerfully prevent DDOS attacks caused by CC and completely solve illegal and unfair competition relationships.
1.4 Resource hotlinking. Copying resources (images and download links) between websites today is commonplace, which not only wastes bandwidth resources but is also an infringement. Niudun IIS firewall can highly protect website resources, prevent hot links, and protect the legitimate rights and interests of original websites.
Note: Please fill in the exception site after enabling resource hotlinking, otherwise the website may become inaccessible. After modifying the configuration, you need to click Apply to make the settings take effect.
1.5 XSS cross-site. OWASP ranked XSS as the number one WEB security threat in 2007. Hackers insert malicious HTML code into a Web page. When a user browses the page, the HTML code embedded in the Web will be executed, thereby achieving the special purpose of the malicious user. Niudun IIS Firewall can effectively detect and intercept malicious URLs containing XSS.
1.6 Audio and video protection. Only online playback of videos and videos is not allowed, which effectively protects the bandwidth resources and service quality of video websites.
----------------------------------------
2. Web page anti-tampering
Real-time monitoring of web directory changes and alarms to strongly prevent web pages from being tampered with.
The first step is to open the system settings and configure the website root directory and backup directory (the website root directory and backup directory must be consistent).
In the second step, if you need to send the tampering monitoring information to the designated email address, please fill in the relevant information and enable sending emails.
The third step is to enable anti-tampering (if not enabled, it will only monitor tampering information).
The fourth step is to browse the website directory that needs to be tamper-proofed (must be consistent with the website root directory of the system setting item).
The fifth step is to select the monitoring type.
Step six, start monitoring.
-----------------------------------------------
3.Webshell scanning
Through analysis, 99% of hidden WebShells can be scanned to ensure web security.
The first step is to browse the scan directory.
The second step is to select the scan type.
The third step is to click on Backdoor Scan.
---------------------------------------
4. File tampering check
Extract the characteristics of important files. When the web page code is modified, you can quickly find hidden backdoors or Trojan pages from a large number of code files.
The first step is to browse the web directory.
The second step is to select the file type.
In the third step, click Extract Features (the first time you use it, you need to extract the feature file. The file is saved in log/old.log by default. Please be careful to save this file).
The fourth step is to select the feature file. (Select previously extracted files to verify whether the file has been modified)
Step 5: Click on Tamper Check. (If you only verify the file, you do not need to perform the first, second, and third steps)
----------------------------------------
5. Special backdoor detection
Mainly used to detect a file parsing path vulnerability in Win2003. When the folder name is similar to hack.asp (that is, the folder name looks like the file name of an ASP file), then the text type under this folder All files can be executed as ASP programs in IIS. In addition, special folders like xxx.. can be used by hackers. Such a folder cannot be deleted or modified, and some anti-virus software will turn a blind eye to the Trojans placed in it. This function can effectively find such folders.
The first step is to browse the web directory.
In the second step, click to start scanning.
----------------------------------------
6.Horse removal assistant
Batch horse-mounting programs can be found everywhere on the Internet, causing great difficulties for administrators to manually remove them. This function can easily solve the administrator's dilemma.
The first step is to browse the web directory.
The second step is to select the file type.
The third step is to fill in the malware code to be removed.
Step 4: Click Clear Now.
----------------------------------------
7. For system settings, please refer to the "Webpage Anti-Tampering" settings.
----------------------------------------
8.ARP immunity
Arp immunity prevents ARP malware and sensitive information from being intercepted and intercepted. When a hacker invades a host on the same network segment, if your host does not take any ARP defense measures, although your host is not hacked, when customers visit your website, malicious code will be inserted into the web page, that is, ARP malware. At the same time, hackers can sniff the ftp, http and other user passwords of all hosts under this network segment. The famous hacker website Security Focus has suffered such an attack. Although the local threat of arp is basically solved. However, arp can also deceive the gateway, which will cause local communication interruption, so I hope that friends who have the conditions should bind the local ip and mac address on the gateway.
The first step is to fill in the gateway IP.
In the second step, click Get MAC.
The third step is to click Bind Gateway.
Hot search terms: 360 Security Guard Office365 360 browser WPS Office iQiyi Huawei Cloud Market Tencent Cloud Store
it works
it works
it works