What is a CC attack? What is a DDOS attack?
CC attack is mainly used to attack pages, simulating multiple users to continuously access your page, thereby exhausting your system resources.
DDOS attack, which is called distributed denial-of-service attack in Chinese, refers to using server technology to unite multiple computers as an attack platform to launch DDOS attacks on one or more targets. .
An attack is to occupy a large amount of network resources through a large number of legitimate requests to achieve the purpose of paralyzing the network.
How to prevent CC attacks and DDOS attacks?
To prevent CC and DDOS attacks, you can only use hardware firewalls to clean traffic and introduce attack traffic into black holes.
For traffic cleaning, you mainly need to buy the anti-attack service from an ISP service provider. The computer room usually has free traffic.
What is website database injection
Due to the uneven level and experience of programmers, most programmers do not judge the legality of user input data when writing code.
The application has security risks. The user can submit a database query code and obtain some data he wants to know based on the results returned by the program. This is the so-called SQL injection.
SQL injection is accessed from a normal WWW port, and on the surface it looks no different from ordinary Web page access. If the administrator does not have the habit of checking logs, the intrusion may not be noticed for a long time.
How to filter and prevent?
If you inject this into the database web page, you can consider using nginx_waf for filtering and prevention.