For more than ten days, AliCloud Singapore ECS has been fully restored! Remember the Alibaba Cloud Singapore ECS that failed on September 10 due to a fire in the computer room? From the health board on Alibaba Cloud's official website, we can see that the Singapore zone has not been fully restored. It has been 11 days since today. The current health status of Alibaba Singapore ECS products is still abnormal, and the event log has not been updated since it was updated on the 16th. That is to say, there are still many machines waiting for dry repair, which seems to be a major accident, Maybe data loss is inevitable. If your important business is placed in that computer room and there is no backup, it will cool the day lily. I want Alibaba Cloud to compensate you What is the meaning of the policy get param in Baidu Cloud Protection WEB application firewall WAF Recently, a customer needs to block zhujib.com/index.php? The link with store in s=/store/order/list&dataType=all&page=1 has been tried many times but failed. If you want to consult the host help, what should I do? In fact, it is very simple, because the key words are located in the? Later, we use the get param policy to intercept and add the get param policy to include the store. In WAF (Web Application How to deal with security risks when websites are often prompted by network security? Recently, the company's corporate website received a notice of network and information security risks from the local network security, indicating that the server port 3306 has high-risk risks. These days, the webmaster gang is thinking about how to make the webmaster absolutely safe when it scans my website? For this reason, I checked a lot of materials and found that the network security mainly scans the server and the website program under the domain name. Then we can start from the server and website programs directly. 1. The server closes all external ports, including 80, 443, 3306, 22, and so on. The server does not have external access, the network security cannot be scanned, and hackers cannot access it Baidu Search URL Tip: How to deal with the webpage that may have been illegally tampered with Recently, a customer of Hosthelp reported that the website prompted when Baidu searched: Baidu Website Security Center reminded you that this page may have been illegally tampered with! For this problem, we recommend adopting the official handling method: 1. Click the website to enter Baidu Reminder - click Apply for Unsealing 2. Fill in the appropriate information. If you are a business website, select a business website, upload the business license and submit the complaint, and we will resume it. It should be noted that it is safe for Baidu website to query your web page. Query address: https://bsb.baidu.com/ If it has not been recovered What does the large-scale explosion of Lebanese pagers show? On September 17, 2024, hand-held pager explosions occurred in Beirut, the capital of Lebanon, and many places in the southeast and northeast of Lebanon. The pagers were blown to pieces, and the blast lasted for more than an hour. Nine people were confirmed dead and about 2750 were injured. This incident is probably a hacker attack, because these pagers exploded on the same day and at the same time. If the pager bug does not occur at the same time, it shows that hackers can remotely control and explode the Internet of Things. It is very likely that the hacker will use a loophole in the pager to remotely control the pager to run a command Risk attention! SSL must be deployed when using Western Digital Virtual Host! Recently, a website of Hosthelp received a notice of network and information security risks from WebSecurity, which clearly identified an IP service port under the domain name resolution of our company's official website: 3306, suspected to be a high-risk port, with potential security risks. This problem is nothing at all, because port 3306 itself is a database port. If the server has enabled the database remote connection, it must be enabled. Of course, some databases have modified ports, which is safer. However, after the network security scans this port, it thinks it is a high-risk port and needs to be handled. After learning about the situation, the mainframe help found that it was Western Digital 115 network disk encounters server malicious network attack On September 16, it was reported that the webmaster reported that the 115 online disk had a service failure today, including 502 errors displayed on both the App and the official website pages. The network speculated that the service of online disk 115 may have stopped. In this regard, the official microblog of online disk 115 released an announcement this evening to respond to the failure. Urgent statement: Today (Monday, September 16, 2024), the servers of Guangdong 115 Technology Co., Ltd. (hereinafter referred to as "115 Technology" or "our company") were attacked by malicious networks, resulting in a malicious network attack, including 115 Life (formerly known as "115 Network AliCloud disk suddenly encounters a p0 bug fault. Create an album to see other people's photos On September 14, Alibaba Cloud disks were exposed to have a "catastrophic serious bug". A user accidentally discovered that in the album function of AliCloud disks, you can see pictures in other users' cloud disks by creating a folder and selecting pictures by category. In response to this problem, Alibaba Cloud disk related staff replied: "On the evening of the 14th, the technicians had repaired the bug at the first time, and the related functions could be used normally, with a small user impact." However, some users said that this was a P0 fault, which was very serious in the online disk world. Looking back, there were also Burst! Jing'an Network cannot be accessed for unknown reasons! At about 5:00 p.m. on September 14, a customer reported that Jing'an Network could not be accessed normally. The host computer help contacted the customer service, please wait for feedback. Until now, the official website of Jing'an Network is still unable to open, and the host help can't open www.zzidc.hk, Jing'an's Hong Kong website, and the other official website of Jing'an, Kuaiyun, is also unable to open. The host gang guessed that the main station was attacked and could not be opened normally. In fact, the official website could not be opened at this time point, and Mainframe was still a little worried, because now it is normal for IDC companies to close down. Jing'an has not had a good life in recent years, and the Internet is basically negative Well known data marketing platform 5118 was sued by Baidu for webmaster tools Students who engage in SEO should all know that 5118 is a platform that can not only monitor website keyword rankings, but also understand the latest ranking fluctuations in the industry. It is very suitable for students who study SEO. The 5118 platform's affiliated company, 5118 Technology Co., Ltd., was sued by Baidu for a webmaster tool developed in 2022. This year, 5118 was awarded compensation and apologized. The host helped to check, because this webmaster tool has the function of hiding Baidu advertisements. This is illegal. Many developers who block advertisements have been accused. Not only Baidu, but also Tencent has accused some developers of blocking advertisements TOM Email will stop free email service today On September 13, according to the announcement issued by TOM Email, because of the adjustment of email business, TOM Email officially stopped its free email service today (September 13). After September 27, the email account will not be able to log in. During this period, the user can log in to backup the mail, and the mail in the mailbox will be cleared after September 27. Users who have used the free version of TOM mailbox before should back it up as soon as possible to avoid losing important emails and attachments. According to the actual measurement, after clicking the free mailbox registration page on the official website to jump, the green theme interface turns to the gray free mailbox page, which prompts: suspend the registration of TOM mailbox What are the advantages and disadvantages of SAAS for users SAAS (Software as a Service for website building), that is, the "software as a service" website building model, is an online website building service based on cloud computing technology. In this mode, website building tools and platforms are provided to users as services. Users do not need to purchase, install and maintain any software or hardware, but can access and use these tools to create and manage their own websites through network connection. Recently, I had the honor to contact a SAAS website building user for defense, so the mainframe help will give Google search "About this result" adds a link to the Internet Archive web page cache, replacing the original web page cache function On September 12, it was reported that Google's official Google SearchLiaison account and Internet Archive team blog on the Internet Archive on the X platform had started to search Google on the "About this Result" panel on the 11th local time, adding a web page cache link from the Internet Archive Wayback Machine. Google earlier this year removed the first party web cache link function provided by Google's search "About this result" panel, because compared with the era when web cache was popular Baidu Cloud Protection access overview function has resumed normal preview The previous version issue has been accessing the overview function, which has been unavailable. Now it has been optimized and restored, and updated more accurately and timely. The access overview supports the preview of traffic bandwidth and number of requests, which can be viewed accurately to the uplink and downlink bandwidth and the peak of uplink and downlink traffic Alibaba Cloud Singapore computer room caught fire due to lithium battery explosion A news about the fire in Alibaba Singapore's computer room was received: On September 11, 2024, Alibaba Cloud updated the [Exception (Processing)] Fire in the C computer room in the Singapore zone. At 10:20 on September 10, 2024, Alibaba Cloud monitoring found that network access in zone C of the Singapore region was abnormal, and some cloud products and services were abnormal. Alibaba Cloud engineers were urgently handling the problem. Anomaly The fire and temperature rise were caused by the lithium battery explosion in the Singapore machine room. Firefighters have arrived at the scene for disposal. Most cloud network products and cloud security products were sold at 10:55 Huaxiaxin, a domestic chip company, went bankrupt and its assets including domain names were auctioned According to the National Enterprise Bankruptcy Reorganization Case Information Network, the administrator of Huaxiaxin (Beijing) General Processor Technology Co., Ltd. (hereinafter referred to as Huaxiaxin) will publicly auction domain names, 15 software copyrights and 14 patents from 10:00 on September 22, 2024 to 10:00 on September 23, 2024 (except for the time delay). The announcement shows that the auction targets include three domain names, with a starting price of 13879 yuan; The starting price of 15 software copyrights and 14 patents is 15550 yuan. This auction is conducted by the administrator in accordance with the relevant provisions of the Measures of the Beijing Higher People's Court for the Implementation of Online Auction of Property in Bankruptcy Proceedings (Revised) Burst! Alibaba Cloud Singapore computer room is on fire! On September 10, 2024, Alibaba Cloud announced that at 10:20 a.m. Beijing time, September 10, 2024, Alibaba Cloud monitoring found that network access in zone C in Singapore was abnormal, and some cloud products and services were abnormal. The reason for this failure is that a fire in the Singapore computer room caused the temperature to rise. Firefighters have arrived at the scene for disposal. Most cloud network products and cloud security products have completed active switching at 10:55, and other cloud products and services are still being handled. If the computer room catches fire, will it burn up the data The website was attacked by CC, and Tencent Cloud CDN owed 10000 yuan in two hours In recent years, due to the rise of cloud services, many domestic websites cannot use CDN. CDN can not only accelerate websites, but also cache static resources. It is very useful for websites with high website traffic, and the server can save a lot of bandwidth costs. The top ten cloud service providers in China all provide CDN services. They all provide pay as you go services, which is not a problem in itself. The problem is that CDN does not provide DDOS defense. When CDN is attacked by CC, it will generate a huge number of requests and traffic consumption. The direct result is that the account is in arrears and takes off. Today there is a webmaster Baidu Cloud Protection custom blocking page function is online Baidu Cloud Protection's latest online customized blocking page function allows users to customize the page displayed after being blocked. You can customize the page that will be displayed after being intercepted according to the instance, and support HTML code and user-defined header functions, which can be seen in Basic Settings - User defined Intercept Page. Page keyword description: Response code: {: {response_code}:} Interception type:: {action_type}:} Rule ID: {rule_id}:} The market of the website is not good, and the well-known recruitment website, Zhunzheng, has closed down On September 4, Zhunzheng, a well-known recruitment website in China, issued a notice of closing the service. In the notice, the targeting platform (including targeting APP, targeting applet and targeting website) will close the existing services at 23:59:59 on September 30, 2024. This is the whole platform has been closed, and Zhunzheng doesn't plan to operate this website anymore. Kanzhun, a well-known employer review and workplace information platform in China, was founded in December 2013 and launched the Kanzhun APP in 2016. The platform provides basic employer information, employer evaluation, salary information, interview experience, etc
Selected articles
Can advanced anti DDoS IP 500G defense resist DDoS ignoring CC attacks? The answer is, of course, CC attacks cannot be ignored. The essence of CC attack is to make the source server of the business unable to withstand the attack through a large number of requests, so that it cannot be accessed normally. Different from general DDOS, although CC attack is also a kind of DDOS, it does not require a lot of traffic, and only requires a large number of illegal requests against the weaknesses of the application, which can easily paralyze the server. If DDOS is a simple and crude attack, CC attack is an attack against weakness. Preventing CC attacks requires high requirements for firewalls, in addition to the knowledge of firewalls How to solve an attack on the server? (Countermeasures against DDOS attacks on servers) In the face of DDoS attacks, the following strategies can be adopted: 1. The replacement of advanced anti DDoS servers, as its name implies, is a server with defense. Such servers are generally deployed in advanced anti DDoS data centers, which have powerful defense equipment and networks, and can respond to various DDoS attacks. The defense capability of the data center is generally charged, for example, the 100G peak value is about 2000 per month, and the 300G peak value is more than 3000 per month. In this way, the data center will set the corresponding defense capability for each advanced anti DDoS server IP, and when your DDOS peak value exceeds the limit, the data center will temporarily stop you Practical experience of using advanced anti DDoS IP to defend 427G DDOS attacks Some time ago, this client of the Hosting Group was attacked by DDOS for more than 300G, and today the attack exceeded 400G, which directly led to the temporary blocking of two advanced anti DDoS IPs. Fortunately, we used the DNS automatic monitoring and switching function to adjust DNS in a timely manner and automatically switch the available advanced anti DDoS IP. We know that if we use a single advanced anti DDoS IP to hard fight against DDOS attacks, the loss will be very large, because the price of DDOS defense over 300G is quite expensive. We used two 300G advanced anti DDoS IPs to switch in turn, and finally used Tencent Cloud Security CDN to Alibaba Tencent ECS shields Censys to prevent hackers from querying website server IP Censys is a real website. You can find the source server IP of the website that has used the CDN through various scans. You can not only find the server IP through the SSL certificate, but also scan the entire network IP to analyze which domain name the IP is bound to. It is absolutely necessary for hackers to attack websites. In order to prevent hackers from finding the source server IP address of the website, the most direct way is to block all Censys scanning IP addresses through the server security group. 162.142.125.0/24 167.94.138.0/24 167.94.145.0/2…... What are the risks of websites using advanced anti DDoS CDNs from small service providers Recently, a webmaster contacted Mainframe Help to buy advanced defense CDN. The customer had contacted Mainframe Help before, but later, because the price here was higher, he didn't buy it. Later, he went to buy the products of a small service provider. Mainframe Help thought this was over. Unexpectedly, the customer contacted Mainframe Help again and said he would buy it next month. The reason is as follows: So, Today, I will show you the risks of using advanced defense CDN from small service providers under popular science: 1. Unstable. This is the most common phenomenon. Small services often have limited resources and cannot defend against large attacks. Once encountering a large attack, it will affect the entire network, even if it is not you Use advanced anti DDoS CDN to hide the server IP, but the source server is always found Recently, the host helped a customer access Baidu Cloud Protection, and the server was replaced with a new IP, which was hidden by Baidu Cloud Protection CDN. As a result, the server was again DDOS within two days. After confirming that the new IP address has not been used and the domain name has not been analyzed and exposed, we found that the source server IP address can be easily found by querying the domain name through centsys. The original source server of the client leaked the source server IP when deploying the SSL certificate. In some cases, if the server IP does not deploy the SSL certificate, it will default to the first network of the server Baidu Cloud Protection has updated the security report function Today, some students logging on Baidu Cloud Protection Management must have noticed that the security report of Baidu Cloud Protection has been updated. The data available has increased, such as security rule updates, protection domain names, number of attacks on domain names, CC attacks, etc. It allows us to intuitively view the security protection of the website, which is a very good update. At present, Baidu Cloud Protection is updated almost every month, and the product is constantly improving. Students who need it can contact the mainframe help to buy it at a preferential price The customer's website was attacked by DDOS at the weekend and the defense experience exceeded 300G Last week, the host helped a customer website here who purchased advanced anti DDoS IP defense services to encounter a DDOS attack of more than 200G, resulting in the continuous blocking of advanced anti DDoS IP. Due to continuous excessive attacks, the advanced anti DDoS IP was blocked as soon as it was recovered, and the machine room extended the unblocking time, which was up to half an hour, causing serious impact on customer business. At about 11:00 pm, the attack exceeded 300G! For this reason, the Hosting Gang believes that upgrading higher defense is not meaningful. The first higher defense is expensive, and the second hacker may be able to hit a higher volume. Therefore, with the suggestion of the host help, we have adopted disaster recovery switchover
