Recently for a period of time, the company server always give the IP malicious attacks from these areas, the website is always down, which master can help see what reason, thank you very much!

CodePudding user response:

On the firewall, if flow attack is no solution,

CodePudding user response:

upstairs positive solutions

CodePudding user response:

Carefully check the firewall Settings, a firewall is a part of the network planning is very important, because it can make the company computer is not affected by the outside world malicious damage, first of all, don't release the IP address of the unnecessary, you should have at least a foreign IP address and all communications must be through this address, if you have registered DNS server, Web server or email these IP addresses are released through the firewall, however, workstations and other server IP address must be hidden,

CodePudding user response:

Server only open normal access to the required IP address and port, how possible deployment of firewall is to set up the DMZ area, WEB and application server in the DMZ, other servers on the network, the firewall open source address session limit protection strategy, and basic attack other regular safety assessment was carried out on the server, timely repair database, middleware, such as holes,

CodePudding user response:

Than to attack the log, if has been a relatively fixed IP address, the firewall add limit access to the web server strategy, this kind of situation at the time of attack is more effective and less IP address, to take temporary solution, if the number of IP address is also have to consider more of this,