Category: Security

A Case Study of SEO Spam Ads Injected on a Website

Symptom: When getting indexed by Baidu, Google, and other search engines for SEO, there are often many ad links pointing to your site.
Take Baidu as an example. Enter the following into Baidu (replace the domain with your own): site:www.domain.com and you will see many spam links:

Through …

How to Set Website Directory Permissions on Linux

Improper website directory permission settings can easily lead to site defacement and malware injection. The correct approach is to follow the principle of least privilege. For example, website files should generally be set to 644 permissions, while folders should be set to 755 permissions.

GPG Encryption Tool: Protect Your Privacy

GPG is an excellent open-source encryption tool. It effectively protects information content from eavesdropping and tampering, playing a crucial role in safeguarding personal privacy.
In the surveillance programs conducted by the United States in previous years, it successfully protected whistleblowers such as…

How to Handle Abnormal Logins After Server Host Scanning

During website operation, the server is frequently scanned, and the cloud hosting panel or system login logs often report anomalies. You can apply the optimizations below. Alibaba Cloud warns of brute-force attacks and abnormal logins by unauthorized users, as follows:
System log characteristics are shown below (using Linux as an example here), with numerous failed login users and IPs, and the logs …

DDoS Attack Defense Experience Summed Up from Losing Hundreds of Thousands!

I have been in the cybersecurity industry for 20 years, with 15 years of DDoS defense experience. I have been cheated many times (they all claimed to defend against 300G or 500G, but failed after purchase). This article will explain what DDoS attacks are, how small and medium-sized enterprises can defend against them, and the costs involved.
In 2004, I remember going to the data center at 2 AM with a screwdriver for maintenance because of a DDoS attack. The police mistook me for a thief…

Windows System Virus Fix: All EXE Files Won’t Open

I recently misclicked a program and ended up with a Windows virus infection — all executable files, even cmd, became impossible to run. Here’s how to fix it.

Right-click on the desktop, create a new text file, and enter the following:
assoc.exe=exefile
ftype exefile="%%1"%%*

Then change the file extension from txt to bat and double-click to run it …

How to Gain Server Control Using Weevely Backdoor

Project URL: https://github.com/epinna/weevely3
Weevely is a web shell generation tool (PHP only) that creates PHP trojan programs to gain server access.
Here we use Kali Linux as an example. For other systems, install the tool first, then proceed: Generate file…