plus钱包受黑客攻击_如何保护您的在线业务免受黑客攻击

plus钱包受黑客攻击

您的企业安全吗？ (How safe is your business?)

The news that’s made every business think twice about its vulnerability to hacking in 2015 is the attack on Ashley Madison. The public release of millions of user details, company banking data and other sensitive information brought the company to a standstill; and with disgruntled customers bringing a £367 million lawsuit against it, the future of the company remains in the balance.

让每家企业三思而后行的新闻是2015年对Ashley Madison的攻击。 公开发布的数百万个用户详细信息，公司银行数据和其他敏感信息使公司陷入停顿； 而且，由于心怀不满的客户对它提起了3.67亿英镑的诉讼，因此公司的未来仍处于平衡状态。

But it’s not the only high profile company to succumb to hacking. 2015 has seen 2.4 million Carphone Warehouse customers have their personal data and bank details compromised whilst an automated computer program, searching for vulnerabilities in British Airways online security, managed to access account details of tens of thousands of frequent flyers. And these are not the only household names to get stung by cyber criminals over the last few years: eBay, TK Maxx, Sony, JP Morgan, Staples and Adobe have all fallen victim.

但这并不是唯一屈服于黑客攻击的知名公司。 到2015年，有240万名Carphone Warehouse客户的个人数据和银行详细信息遭到破坏，同时，自动计算机程序搜索了英国航空公司在线安全漏洞，并设法访问了成千上万名常旅客的帐户详细信息。 在过去的几年中，这些并不是唯一被网络罪犯ung住的家喻户晓的名字：eBay，TK Maxx，索尼，JP摩根，史泰博和Adobe都是受害者。

And it’s not just blue chip companies that are finding themselves under attack, either. According to Symantec, 66% of targeted cyber-attacks are on SMEs and the UK is second only to the USA in terms of the numbers of attacks. With the rise of automated hacking tools, which scan vast swathes of the internet looking for vulnerabilities in servers and sites, the risk of attack is increasing. Symantec saw 317 million new pieces of malware released during 2014 and, according to Sophos, 30,000 websites are infected with them every day, the majority being small business websites.

发现受到攻击的不仅是蓝筹股公司。 根据赛门铁克的资料，针对目标的网络攻击中有66％是针对中小企业的，就攻击次数而言，英国仅次于美国。 随着自动黑客工具的兴起，这种工具会扫描互联网的广阔区域，寻找服务器和站点中的漏洞，因此遭受攻击的风险正在增加。 Symantec(赛门铁克)在2014年期间发现了3.17亿新恶意软件，据Sophos称，每天有30,000个网站被感染，其中大多数是小型企业网站。

Whilst the consequences of being hacked vary, the impact can be devastating. Depending upon the nature of the attack, your entire online operations can be closed down; the personal data of customers, partners and employees can be stolen and sold on to third party criminals; business banking data can be exploited and malicious software can be hidden on your system to infect the technology people use to visit your site.

尽管被黑客入侵的后果各不相同，但其影响却是灾难性的。 根据攻击的性质，可以关闭您的整个在线操作。 客户，合作伙伴和员工的个人数据可能被盗并出售给第三方罪犯； 商业银行数据可以被利用，恶意软件可以隐藏在您的系统上，以感染人们用来访问您的网站的技术。

All of these, of course, have potentially huge financial implications: loss of business, fraud, lawsuits, compensation, IT fees for fixing the vulnerability – the list goes on. The theft of intellectual property and industrial espionage alone cost UK companies nearly £17 billion in 2011.

当然，所有这些都可能带来巨大的财务影响：业务损失，欺诈，诉讼，赔偿，修复漏洞的IT费用–清单还在继续。 仅在2011年，知识产权盗窃和工业间谍活动就使英国公司损失了将近170亿英镑。

骇客类型以及如何防范 (Types of hacks and how they can be protected against)

There are various ways hackers can target your business, below we cover some of the more common attacks and how you can protect against them.

黑客可以采用多种方式来锁定您的业务，以下我们将介绍一些较常见的攻击以及如何防范这些攻击。

社会工程学 (Social engineering)

In social engineering, the main vulnerability that hackers exploit is people. Hackers use a variety of techniques to manipulate people into to either divulging sensitive information directly or by installing malicious software on a machine on their PC.

在社会工程中，黑客利用的主要漏洞是人。 黑客使用各种技术来操纵人们，使其直接泄露敏感信息，或者通过在PC机上安装恶意软件来操纵人们。

社会工程的常见示例包括： (Common examples of Social engineering include:)

1.网络钓鱼。 (1. Phishing.)

One of the most common and well known tactics where scam emails contain links which, when clicked on, either install malware or take the victim to a specially grafted website that is then used to extract information such as usernames and passwords.

骗局电子邮件包含链接的最常见和众所周知的策略之一，当单击链接时，链接要么安装恶意软件，要么将受害者带到专门嫁接的网站，然后该网站用于提取用户名和密码等信息。

2.诱饵。 (2. Baiting.)

This is where infected devices, like USB drives, are left in offices in the hope someone will plug it in to see what’s on the drive, software on the drive can be configured to either auto run or trick the staff member into executing a file thus infecting the target machine.

这是被感染的设备(如USB驱动器)留在办公室的地方，希望有人将其插入以查看驱动器中的内容，驱动器上的软件可以配置为自动运行或诱使工作人员执行文件，从而感染目标计算机。

3.借口。 (3. Pretexting.)

This is where an attacker will impersonate somebody in an attempt to trick the staff member into divulging sensitive information, for example an attacker may call pretending to be a manager requesting a password reset, often an elaborate back story will be provided and will often involve ‘sweet talking’ or ‘bullying’ the victim into bypassing security procedures.

在这里，攻击者会冒充他人，企图诱骗工作人员泄露敏感信息，例如，攻击者可能假装为要求密码重设的管理员，通常会提供详细的背景信息，并且经常涉及“甜言蜜语或“欺负”受害者绕过安全程序。

如何保护您的企业免受社会工程攻击。 (How to protect your business from social engineering attacks.)

The solution to preventing attacks by social engineering is to have water tight procedures and well trained staff.

防止社会工程学攻击的解决方案是拥有水密程序和训练有素的人员。

1.自学。 (1. Educate Yourself.)

Keep yourself up to date on the latest developments in cyber-crime and the types of attacks that are perpetrated, hackers are constantly evolving and developing new techniques so it is important you keep on top of the latest developments.

随时了解网络犯罪的最新发展和所发生的攻击类型，黑客在不断发展和开发新技术，因此，掌握最新发展非常重要。

2.制定安全策略。 (2. Have a security policy in place.)

Have a written security policy and make sure all staff understand it, many organisations now require employees to sign a security policy. Procedures need to be kept up-to-date to deal with the changing face of cyber-attacks and should follow the guidelines laid down in the data Protection Act.

拥有书面的安全策略并确保所有员工都理解它，许多组织现在要求员工签署安全策略。 需要及时更新程序以应对不断变化的网络攻击，并应遵循《数据保护法》中规定的准则。

All new and temporary staff should be given induction training and existing staff need refresher courses when new procedures need to be followed.

所有新员工和临时员工都应接受上岗培训，而当需要遵循新程序时，现有员工则需要进修课程。

3.提升意识。 (3. Promote awareness.)

Make sure staff are made aware of any new techniques hackers are using and how they can identify and protect against them. Have procedures in place for staff to report any suspicious activity, hackers may make multiple attempts until they can find a member of staff they can

确保员工了解黑客正在使用的任何新技术，以及他们如何识别和防御黑客。 有适当的程序让工作人员报告任何可疑活动，黑客可能会进行多次尝试，直到他们找到可以找到的工作人员为止

manipulate into getting what they want, by encouraging staff to report suspicious activity you can take preventative action.

通过鼓励员工举报可疑活动来操纵自己想要的东西，您可以采取预防措施。

4.不要害怕挑战别人。 (4. Don’t be afraid to challenge somebody.)

Whether it is an onsite visitor or a caller, staff should never be afraid to challenge somebodies identify. One common technique is for the hacker to put pressure on the target through either a false sense of urgency, perceived seniority or just plain persistence, it is important staff stick to procedure and don’t succumb to these pressures.

无论是现场访问者还是呼叫者，工作人员都应该从不惧怕挑战某些机构。 对于黑客来说，一种常见的技术是通过错误的紧迫感，可感知的资历或仅仅是简单的持久性对目标施加压力，重要的是员工必须坚持程序并且不要屈服于这些压力。

5.以身作则。 (5. Lead by example.)

As a manager it can be tempting to have the staff break procedure when it’s you that requires information, doing so leads to complacency which can negate any prior training that has been given to staff.

作为一名经理，当您需要信息时，很可能会制定员工休息程序，这会导致自满，这会否定先前对员工进行的任何培训。

服务器漏洞 (Server vulnerabilities)

Server vulnerabilities are weaknesses in the operating system and/or software installed on the server either as the result of a poor security policy, software misconfiguration or bug.

服务器漏洞是由于安全策略不良，软件配置错误或错误而导致的服务器上安装的操作系统和/或软件的弱点。

Successful attacks against a vulnerable server are often disastrous for the target as the end result is nearly always full unrestricted access to the server for the attacker.

对目标服务器的成功攻击通常会对目标造成灾难性的后果，因为最终结果是攻击者几乎总是可以不受限制地完全访问服务器。

这种类型的常见攻击包括： (Common attacks of this type include:)

1.暴力攻击。 (1. Brute force attacks.)

These target services that require username and password authentication to access the service, for example SSH on Linux and RDP on Windows servers are common targets.

这些需要用户名和密码身份验证才能访问该服务的目标服务，例如Linux上的SSH和Windows服务器上的RDP是常见的目标。

These types of attacks tend to be automated and have become more sophisticated of time, as more and more password data has become available to hackers through previous successfully hacks patterns have emerged into how humans select passwords, these patterns have been exploited to greatly increase the success rates of brute force hacks.

随着越来越多的密码数据通过以前成功的黑客方式可供黑客使用，这种类型的攻击往往会自动进行，并且时间变得越来越复杂，人们已经逐渐掌握了如何选择密码的黑客模式，这些模式已被利用来极大地提高成功率。暴力破解率。

2.软件利用。 (2. Software Exploits.)

Modern software is extremely complex and often contains millions of lines of code, as a result there are bugs in most software some of which can be exploited to allow hackers to gain access to a server.

现代软件非常复杂，通常包含数百万行代码，因此大多数软件中都有错误，其中一些漏洞可以被利用以允许黑客访问服务器。

It is a never-ending race between hackers and software developers to locate these bugs, in the case of the software developers so they can patch vulnerabilities before they can be exploited by hackers while the hackers off course want to find them first to exploit them for as long as possible until they are patched.

在软件开发人员的情况下，黑客和软件开发人员之间无休止的比赛来定位这些错误，以便他们可以先修补漏洞，然后黑客才能利用这些漏洞，而黑客当然希望先找到它们以利用这些漏洞。尽可能长的时间，直到它们被修补为止。

One recent example of this was the Heartbleed bug which potentially allowed hackers to exploit weaknesses in website encryption to obtain login information, there was a significant period between the bug being found and a patch being released so mitigation was a priority.

最近的一个例子是Heartbleed错误，它可能使黑客利用网站加密中的弱点来获取登录信息，在发现该错误与发布补丁之间有一段相当长的时间，因此，将缓解作为首要任务。

如何防范服务器漏洞 (How to protect against server vulnerabilities)

Having a thorough security policy in place in place is key to keeping your server secure, below are some of the ways you can achieve this:

制定周全的安全策略是确保服务器安全的关键，以下是实现此目的的一些方法：

1.制定防火墙策略。 (1. Put in place a firewall policy.)

Many attacks can be avoided altogether by simply ensuring vulnerable services are not accessible in the first place, using a firewall access ports can be restricted so they are only available from trusted locations (for example your company offices), hackers can’t target a service they can’t see online.

只需简单地确保一开始就无法访问易受攻击的服务，可以完全避免许多攻击，可以使用防火墙访问端口进行限制，以便仅在受信任的位置(例如，您的公司办公室)可以使用它们，黑客无法将服务定位为目标他们看不到在线。

Only ports that absolutely must be publically available to deliver your services should be unrestricted, for example in the case of a server that is used only to deliver a website this would consist of just HTTP (80) and HTTPS (443) ports, all other ports should be either locked down completely or only accessible via trusted IP addresses.

仅绝对必须公开可用于提供服务的端口不受限制，例如，在仅用于提供网站的服务器的情况下，该端口仅由HTTP(80)和HTTPS(443)端口组成，所有其他端口端口应该完全锁定，或者只能通过受信任的IP地址访问。

2.启用入侵防御系统(IDS / IPS)。 (2. Enable Intrusion prevention systems (IDS/IPS).)

Intrusion prevention systems monitor network traffic or service logs for suspicious activity and stop any attempted intrusion. If a hacker is bombarding your site with thousands of attempts to log in, these systems can quickly find out the source of the attack and block the IP address of the attacker. At eUKhost, we think these systems are so important that they are pre-enabled on our all servers that have the latest versions of Plesk and cPanel installed.

入侵防御系统监视网络流量或服务日志中的可疑活动，并阻止任何尝试的入侵。 如果黑客通过数千次尝试攻击您的站点，则这些系统可以快速找出攻击源并阻止攻击者的IP地址。 在eUKhost ，我们认为这些系统是如此重要，以至于我们在装有最新版本Plesk和cPanel的所有服务器上都已预先启用了这些系统。

3.制定修补程序和更新策略。 (3. Have patching and update policy in place.)

It is good practice to have an update and patching policy; at eUKhost, it’s a standard part of the management service we provide for our customers. Software updates and patches are not only issued by developers to fix bugs but also to address security vulnerabilities which have recently come to light, so it’s important they are kept up-to-date.

最好有一个更新和修补策略。 在eUKhost，这是我们为客户提供的管理服务的标准部分。 软件更新和补丁不仅由开发人员发布，以修复错误，而且还可以解决最近发现的安全漏洞，因此，使它们保持最新很重要。

4.确保已制定密码策略。 (4. Ensure you have a password policy in place.)

A good password policy is also important for increasing security. Ensuring everyone has strong passwords which are changed on a regular basis and kept secret is standard practice for most organisations these days. It’s an easy but effective way to reduce the chances of being hacked. Both Plesk and cPanel have controls built in that can be used to enforce minimum password strengths.

良好的密码策略对于提高安全性也很重要。 目前，对于大多数组织来说，确保每个人都具有强健的密码(可以定期更改并保密)是标准做法。 这是减少被黑客攻击的机会的简单但有效的方法。 Plesk和cPanel都内置有控件，可用于强制使用最低密码强度。

5.安装新的服务器软件时请小心。 (5. Be careful when installing new server software.)

With modern package managers such as YUM & APT installing software is often a very easy task, however, configuring software securely for a production environment can often be a far more complex and it can be easy to leave software open to exploitation, for example forgetting to change a default password.

对于现代软件包管理器(例如YUM和APT)来说，安装软件通常是一项非常容易的任务，但是，针对生产环境安全地配置软件通常要复杂得多，并且很容易使软件易于使用，例如忘记更改默认密码。

If you are an eUKhost client and are unsure about how to configure a software package then please contact our management team and they will be happy to advise.

如果您是eUKhost客户端，不确定如何配置软件包，请联系我们的管理团队，他们将很乐意为您提供建议。

By doing the above the majority of attacks can be either avoided altogether or greatly mitigated, if you want the very best in protection then invest in a hardware based firewall such as our own Fortigate security appliance, this unifies firewall services, IDS/IPS, malware protection, application firewall and DDoS protection into single devices that can protect multiple servers.

通过上述操作，可以完全避免或完全缓解大多数攻击，如果您想要最好的防护，则可以购买基于硬件的防火墙，例如我们自己的Fortigate安全设备，这可以统一防火墙服务，IDS / IPS和恶意软件保护，应用程序防火墙和DDoS保护集成到可以保护多台服务器的单个设备中。

eUKhost management services also include free consultancy to help clients develop an appropriate security policy for their specific needs.

eUKhost管理服务还包括免费咨询，以帮助客户制定针对其特定需求的适当安全策略。

应用程序和网站漏洞 (Application & Website Vulnerabilities)

Unfortunately, it’s not just your server which is vulnerable to attack; sometimes it’s the applications that you run on it. This is especially the case with common platforms used to build websites, like WordPress and Magento. According to Alexa, 70% of the world’s top ranking WordPress sites are vulnerable to attack and there are three main attack vectors that hacker exploit to gain access: poorly configured servers; weak usernames and passwords to the admin panel or FTP account; and software vulnerability, such as using older versions of the platform or plugins.

不幸的是，不仅服务器容易受到攻击，而且还容易受到攻击。 有时是您在其上运行的应用程序。 对于用于构建网站的常用平台，例如WordPress和Magento，尤其如此。 根据Alexa的说法，全球排名最高的WordPress网站中有70％容易受到攻击，黑客利用三种主要的攻击媒介来获取访问权限：配置错误的服务器； 管理员面板或FTP帐户的用户名和密码薄弱； 和软件漏洞，例如使用较旧版本的平台或插件。

1.跨站点脚本。 (1. Cross-site scripting. )

Here, the hacker inserts malicious code onto a link on your website so that, when one of your visitors clicks on the link, malware infects their computer and allows information to be stolen.

在这里，黑客将恶意代码插入到您网站上的链接上，以便当您的访问者之一单击该链接时，恶意软件感染其计算机并允许信息被盗。

As the attackers is targeting your visitors this can have a disastrous effect on your reputation and will often result in your site being blacklisted and blocked by search engines.

由于攻击者以您的访问者为目标，因此这可能会对您的声誉造成灾难性的影响，并且通常会导致您的网站被列入黑名单并被搜索引擎阻止。

2. SQL注入。 (2. SQL injection.)

Where a hacker will find a form that needs to be filled in on your website, such as a newsletter subscription form, but instead of typing in a name and email address, they will type in SQL computer code that allows them access to your database. From here they can potentially download all the information stored on your database including the personal details of customers.

黑客会在其中找到需要在您的网站上填写的表格(例如新闻通讯订阅表格)，但是他们没有输入名称和电子邮件地址，而是输入允许他们访问您数据库SQL计算机代码。 他们可以从此处下载存储在数据库中的所有信息，包括客户的个人详细信息。

3.中间的人。 (3. Man in the middle.)

In a man in the middle attack the hacker intercepts communication between your website the visitor. One example of how this works is when malware is sent from your website to the visitor’s browser. Once installed, the visitor is then redirected to a different site that looks just like yours. Any information they then provide is given, unwittingly, to the hacker.

在中间人攻击中，黑客拦截了您的网站与访客之间的通信。 一种示例是如何将恶意软件从您的网站发送到访问者的浏览器。 安装后，访问者将被重定向到外观与您相似的其他站点。 他们随后提供的任何信息都会不经意间被提供给黑客。

如何防范应用程序漏洞 (How to protect against application vulnerabilities)

Failure to protect vulnerable applications from being exploited can have seriously damaging consequences and so preventing an attack should be a priority. To do this there are a number of things you need to do.

无法保护易受攻击的应用程序不被利用可能会造成严重的破坏性后果，因此应优先考虑防止攻击。 为此，您需要做很多事情。

1.使您的应用程序保持最新。 (1. Keep your application up to date.)

Firstly, you should keep your application and any associated plugins up-to-date. If you are a WordPress user and you have a control panel that uses Plesk 12 or higher this is made easier through the inbuilt WordPress hardening and update tools, these allow you to security check every plugin and software update so that vulnerabilities are quickly spotted.

首先，您应该使您的应用程序和任何相关的插件保持最新。 如果您是WordPress用户，并且拥有使用Plesk 12或更高版本的控制面板，则可以通过内置的WordPress强化和更新工具来简化此操作，这些工具可让您安全地检查每个插件和软件更新，以便Swift发现漏洞。

Most applications such as Magento and WordPress now come with version checking tools however these tend to require running manually so check often for updates.

大多数应用程序(例如Magento和WordPress)现在都带有版本检查工具，但是这些工具往往需要手动运行，因此经常检查更新。

2.遵循最佳实践准则。 (2. Follow best practice guidelines.)

Most application include best practice guidelines for security, read these carefully and apply any recommendations.

大多数应用程序都包含有关安全性的最佳实践准则，请仔细阅读这些准则并应用所有建议。

3.注册 开发人员的邮件列表或论坛。 (3. Sign up for the developer’s mailing list or Forum.)

Most application developer sites have security related mailing lists or forums, sign up to these and act upon any recommendations.

大多数应用程序开发人员站点都有与安全性相关的邮件列表或论坛，请对其进行签名并根据任何建议采取行动。

When vulnerabilities are found it can take time before a patch is released, often developers will provide information via their mailing list or forum detailing how to mitigate the issue in the meantime.

一旦发现漏洞，发布补丁可能需要一段时间，开发人员通常会通过其邮件列表或论坛提供信息，详细说明如何同时缓解该问题。

4.使用 .htaccess 文件 保护您网站的易受攻击区域 。 (4. Protect vulnerable areas of your website using .htaccess files.)

If you use Apache then a great line of defence is to use .htaccess files to protect the vulnerable areas of you website such the admin interface. This can be used for a wide range of security measures including: preventing access to databases, stopping hackers being able to browse your directories, denying access to files, password protecting directories and limiting access to your admin area to specific IPs.

如果使用Apache，则最好的防御方法是使用.htaccess文件来保护网站的易受攻击区域，例如管理界面。 这可用于多种安全措施，包括：防止访问数据库，阻止黑客能够浏览您的目录，拒绝访问文件，使用密码保护目录以及将对您的管理区域的访问限制为特定IP。

5.启用入侵防御系统(IDS / IPS)。 (5. Enable Intrusion prevention systems (IDS/IPS).)

Both Plesk & cPanel come with intrusion prevention system that can be configured for certain applications, for example fail2ban built into Plesk has predefined rulesets for WordPress which can be enabled.

Plesk和cPanel都带有可针对某些应用程序配置的入侵防御系统，例如，内置在Plesk中的fail2ban具有可启用的WordPress预定义规则集。

6.启用应用程序防火墙。 (6. Enable an application firewall.)

Application firewalls work by using predefined ruleset to sanitise or block HTTP requests that do not conform to the rules, for example if a request includes an SQL query which should not be part of HTTP request (SQL injection) the firewall will block the request before it is executed by your application.

应用程序防火墙通过使用预定义的规则集来清理或阻止不符合规则的HTTP请求来工作，例如，如果请求中包含不应属于HTTP请求(SQL注入)SQL查询，则防火墙将在请求之前阻止该请求由您的应用程序执行。

The most widely known application firewall is mod_security which is now built into Plesk and cPanel on our Linux servers and comes with a number of custom ruleset that can be enabled.

最广为人知的应用程序防火墙是mod_security，它已内置在我们Linux服务器上的Plesk和cPanel中，并带有许多可启用的自定义规则集。

When properly configured an application firewall can be extremely effective at blocking cross-site scripting and SQL injection attacks.

正确配置后，应用程序防火墙可以非常有效地阻止跨站点脚本和SQL注入攻击。

7.启用站点范围的SSL (7. Enable site wide SSL)

Encryption is another layer of security that will prevent hackers from accessing important data. By enabling site wide SSL, (Secure Sockets Layer) you can easily establish an encrypted link between a server and a client. This will help keep personal data, credit card information and passwords safe during transmission thus preventing man in the middle attacks.

加密是另一安全层，它将阻止黑客访问重要数据。 通过启用站点范围的SSL(安全套接字层)，您可以轻松地在服务器和客户端之间建立加密链接。 这将有助于在传输过程中确保个人数据，信用卡信息和密码的安全，从而防止中间人受到攻击。

It should be noted that the google now provide a ranking boost for sites using site wide SSL so this is another reason to enable this.

应该注意的是，谷歌现在为使用站点范围SSL的网站提供排名提升，因此这是启用此功能的另一个原因。

8.使用漏洞扫描程序。 (8. Use a vulnerability scanner.)

By using a vulnerability scanner such as our own MTv scan, these will undertake a deep scan of your website for known vulnerabilities, malware and intrusions as well as check your website’s reputation and see whether your website and email addresses have been blacklisted. As a result, this prevents infection and helps resolve issues with your website’s authority across the internet.

通过使用漏洞扫描程序(例如我们自己的MTv扫描)，这些漏洞扫描程序将对您的网站进行深度扫描，以查找已知漏洞，恶意软件和入侵，并检查您网站的信誉，并查看您的网站和电子邮件地址是否已被列入黑名单。 因此，这可以防止感染，并有助于解决您的网站在互联网上的权限问题。

9.定期备份。 (9. Backup regularly.)

The final thing you should do is to regularly back up your files. Should the worst ever happen and you find your site has been hacked, the files on your server may be infected or even deleted. If you have your files backed up it means that restoring your website can be an easy thing to do. If you don’t, you may have to rebuild the website from scratch: programs, content and database.

您应该做的最后一件事是定期备份文件。 如果发生最严重的情况，并且您发现自己的网站已被黑客入侵，则服务器上的文件可能已被感染甚至被删除。 如果您备份了文件，则意味着恢复网站很容易。 如果您不这样做，则可能必须从头开始重建网站：程序，内容和数据库。

综上所述 (In Summary)

Of course, the easiest solution to prevent hacking is to ensure you choose a web host that provides robust and comprehensive security. At eUKhost, all our VPS, enterprise cloud and dedicated servers come with management services that can be called upon to harden servers and protect against attacks.

当然，防止黑客入侵的最简单解决方案是确保您选择可提供强大而全面的安全性的Web主机。 在eUKhost，我们所有的VPS，企业云和专用服务器都带有管理服务，可以调用这些服务来加固服务器并防御攻击。

If you are concerned about your website security and want to know how eUKhost can help protect your business, call us on 0800 862 0380 or click the live chat button at the top of the page.

如果您担心自己的网站安全，并且想了解eUKhost如何帮助保护您的业务，请致电0800 862 0380或单击页面顶部的实时聊天按钮。

 

翻译自: https://www.eukhost.com/blog/webhosting/how-to-protect-your-online-business-from-hackers/

plus钱包受黑客攻击