WEB security scanning
The security detection work is divided into WEB security scanning and manual system analysis. Professional WEB security scanning evaluation tools are used in the security scanning, and the tool automatic scanning is combined with manual sorting and analysis in the later stage.
Permeability test
The penetration test uses manual cooperation tools for detection, and simulates the discovery and utilization of vulnerabilities in the actual environment through the tools and analysis methods used by hackers, so as to finally obtain the security detection results and solutions.
Code level reinforcement
Research the current hacker technology and attack methods, find out the possible threat points, strengthen the system, eliminate the threat points and propose predictive solutions for the possible security problems; According to the security detection results, strengthen the vulnerabilities and propose solutions; Research and analyze security risks and patches published by relevant manufacturers and security agencies, and timely launch security upgrade packages. Based on the above points, security is strengthened from the code level, and corresponding update packages are provided for upgrading.
Reinforcement at configuration level
According to the results of security detection, adjust the configuration of the WEB server, such as upgrading Apache, setting reasonable directory permissions, and closing unnecessary methods.
Trojans rear door processing
According to the common characteristics of trojan files, a trojan scanning tool is developed. Use the trojan horse scanning tool to scan the specified directory on the server for file security according to the current security rule library, list the suspicious files and provide operations such as file viewing and deletion to avoid potential security risks.