WangScaler: A writer with heart.
Disclaimer: my knowledge is limited; if there is a mistake, please correct me.
Hackers may feel far away from ordinary people, but for us programmers they are nothing new. They are everywhere: our servers deployed on the public network are subjected to malicious login attempts by hackers every day. Let me show you my server.
As I took the screenshot, someone was trying to log in. With an indiscriminate login script like this, if your password is simple, the attempt really is likely to succeed.
I’ve had two accidents because I didn’t set up encryption.
Redis
Once I wanted to use a Redis server for development, but I did not have Redis on hand, so I first set up a Redis database on my Ali Cloud server. Because it was only for testing and only for a short time, I did not modify the configuration; that is, I opened the port directly without setting password protection. Later I forgot about it and did not give it a thought, and it ended up triggering a bigger accident.
Not long after that, Ali Cloud sent me a text message alerting me to a server exception. When I went to look, I found that things were not normal: the memory was completely full and there was a large amount of network traffic. I quickly closed the Redis port, but found that it did not help; my server had already become a "chicken" (a compromised host) used for mining. Search Baidu for "Redis Chicken" and you will find that many people have been in this situation.
Fortunately, there is nothing important on the server, so just reinstall the system.
Mongo
Not only Redis: I once forgot to set a password on Mongo too, and it was also hacked. Some time ago Nuggets also published articles about servers being hacked. That time, a stress test had written a large amount of data to Mongo. A few days later, when I queried the data, I found that it was gone. When I opened the database, there was only one table, containing contact information for extorting bitcoin from me. Looking at the operation logs, he had made a batch copy and then deleted my data. Blackmailing me for bitcoin? Crazy. Thank you for storing a lot of my useless test data.
Conclusion
All said and done, security has to be taken seriously. Fortunately, there was nothing important on these servers, but if you accidentally leave a loophole in a production environment, it could be too late for regret. To avoid this problem, you have to:
- If a service such as a database does not need to be open to the network, do not open it. Anything that must be open should be open only to specified IP addresses.
- Anything open to the Internet must have a password set, and the password must be strong.
- Make sure you back up important data.
- Data should be distributed to avoid data loss caused by server downtime.
- Avoid using default ports. For example, when a service such as Redis has a vulnerability, people will take the opportunity to try port 3306 across the network. Using an uncommon port avoids a lot of this (open a TCP service on 8080, open another TCP service on an uncommon port, and compare the two: you will find that port 8080 receives a lot of random connections).
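For Redis, the first, second and last points above can be checked mechanically against the configuration file. The following is an added example, not code from the original article: a small Python audit of redis.conf text. The sample configuration, the function names and the 16-character password minimum are assumptions made for the illustration.

```python
import ipaddress

# Constructed sample: a test instance opened to the internet with no password.
SAMPLE_CONF = """\
bind 0.0.0.0
protected-mode no
port 6379
# requirepass is not set
"""

def parse_redis_conf(text):
    """Map each directive to its argument list; a repeated directive overwrites."""
    conf = {}
    for line in text.splitlines():
        parts = line.strip().split()
        if parts and not parts[0].startswith("#"):
            conf[parts[0].lower()] = [p.strip("\"'") for p in parts[1:]]
    return conf

def first(conf, key, default):
    """First argument of a directive, or the default when absent or empty."""
    return (conf.get(key) or [default])[0]

def is_loopback(addr):
    try:
        # redis.conf allows a '-' prefix on bind addresses (e.g. -::1)
        return ipaddress.ip_address(addr.lstrip("-")).is_loopback
    except ValueError:
        return False  # '*' or a hostname: treat as reachable from outside

def audit(text, min_password_len=16):  # 16 is an assumed threshold
    conf = parse_redis_conf(text)
    findings = []
    binds = conf.get("bind", [])
    # No bind directive means Redis listens on every interface.
    if not binds or not all(is_loopback(a) for a in binds):
        findings.append("listens on non-loopback interfaces")
    password = first(conf, "requirepass", "")
    if not password:
        findings.append("no requirepass set")
    elif len(password) < min_password_len:
        findings.append("requirepass is short")
    if first(conf, "protected-mode", "yes").lower() == "no":
        findings.append("protected-mode disabled")
    if first(conf, "port", "6379") == "6379":
        findings.append("default port 6379")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONF):
        print("FINDING:", finding)
```

A non-loopback bind is a finding to review rather than an automatic failure: restricting the port to specified IP addresses is done in the firewall or cloud security group, which this check does not see.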
One generation plants the trees and another enjoys the shade. One person steps in the pit and the next generation keeps falling in, hahaha.