As a webmaster diligently editing and promoting content, earning advertising fees through hard work, increased site traffic often brings the threat of hacker attacks. My website has suffered death or paralysis twice due to attacks. The first time was when my Dreamweaver CMS (DedeCMS) was completely tampered with by gambling content, killing the site; the second just happened recently — repeated site paralysis and traffic fluctuations from a DDoS attack. Therefore, I’m summarizing common website attack methods and protection measures for my own and everyone’s reference. Since I am also a novice in security, this is written in layman’s terms. If there are any errors or omissions, I hope the experts will generously offer their guidance.
Common Website Attack Methods and Protection Measures

Type 1: Web Page Tampering
Attack Description: Exploiting website program vulnerabilities to implant trojans (webshell, cross-site scripting attacks), tamper with web pages, add hidden links or embed non-site information, or even create a large number of directory pages. Gambling attacks on DedeCMS are the most common.
Impact: Website information is tampered with, causing distrust among your visitors. When search engines (e.g., Baidu) and security platforms (e.g., Safe Union) detect that your site has been infected, they will display security risk warnings in search results, and both search engines and browsers will block access.
Handling Methods:
1. Program Configuration: Switch programs, update patches, fix vulnerabilities, set permissions, back up frequently.
2. Vulnerability Scanning: 360 Webscan, 360 Host Guard.
3. Appeal Platform: Safe Union.
Type 2: Traffic Attacks
Attack Description: CC Attack: Using proxy servers to simulate multiple users continuously making access requests to the website. DDoS Attack: Controlling multiple computers to send access requests to a website. CC attacks are the most common, using a large volume of data packets to overwhelm one or more routers, servers, and firewalls.
Impact: CC attacks can cause server CPU usage to peak at 100%, paralyzing the website so it cannot open normally, stopping the IIS service, and resulting in a 503 status that cannot auto-recover. Baidu spiders will be unable to crawl the site, leading to clearing of the index and rankings, and a drop in traffic. (This time, because I didn’t deal with it for 4 days during the Spring Festival, my site was cleared by Baidu, but fortunately, it was restored after an appeal. Thanks to competition from 360, Baidu is now quite diligent).
Handling Methods:
1. Choose large, secure hosting providers with firewalls: Alibaba Cloud, West.cn, Xinnet.
2. Website Monitoring: 360 Website Monitoring (Baidu Cloud Observation is not recommended, its alerts are 5 minutes slow and SMS notifications are unclear).
3. CDN Protection: Jiasule, Yundun (Baidu Cloud Acceleration is not recommended, it crashes after 1000 CC attacks; 360 Website Guard is not rated here as I didn’t pass its strict review).
4. Server Software: Server Guard Dog (do not install casually unless professional, as it may slow down your website), Website Guard Dog, Kingsoft Antivirus Enterprise Edition.
5. Appeal: Baidu Webmaster Platform.
Type 3: Database Attacks
Attack Description: SQL Injection: Inserting SQL commands into Web form submissions or query strings of input domain names or page requests, ultimately deceiving the server into executing malicious SQL commands.
Impact: Database intrusion, leakage of user information, tampering with data tables, and implanting backdoors. Database tampering is far more harmful than web page file tampering since web pages are generated through databases.
Handling Methods:
1. Add validation at various information submission boxes.
2. Use a database firewall.
3. Refer to the handling methods for Type 2.
Type 4: Malicious Scanning
Attack Description: Hackers use tools to automatically scan for vulnerabilities in order to attack a website.
Impact: Discovered vulnerabilities lead to subsequent attacks.
Handling Methods:
1. Close idle ports and modify default ports.
2. Refer to the handling methods for Type 2.
Type 5: Domain Name Attacks
Domain Theft: Domain ownership is transferred, or the domain registrar is changed;
DNS Hijacking: Forging a DNS server to direct users to an incorrect domain address;
Wildcard DNS Record Abuse: The domain is wildcard-resolved to many subdomains pointing to a hacker’s site. Chinese government domains and personal sites with high traffic are very popular with gambling hackers.
Impact: Losing control of the domain name, with the domain being bound and resolved to a hacker’s site. Wildcard resolution dilutes ranking weight, causing distrust from search engines and security platforms, leading to downgrades and blacklisting.
Handling Methods:
1. Choose large, well-known domain registrars, fill in real information, and lock the domain to prevent transfers: West.cn, Xinnet, GoDaddy. China Net.cn is not recommended due to its “harmonious” and impractical practices.
2. Ensure the security of the domain registration email account.
3. Choose large, stable DNS hosting providers like DNSPod, and lock the resolution records.
4. Appeal Platform: Baidu Webmaster Platform.