In today's digital age, there is a dazzling array of website building tools on the Internet, such as WordPress and Halo. You can deploy your favorite website to the public network with a single command. However, many network security risks are hidden behind this convenience.
In the darker corners of the internet, there are always people with malicious intentions probing your site. They usually do not destroy the website outright; instead they steal data and sell it to fraud gangs, or are hired by competitors to launch DDoS attacks that make the website inaccessible to normal users. A more covert method is to use vulnerabilities in open source tools to inject scripts, or even to use the server for mining. Most open source website building tools are not perfect in terms of network security, so we must raise our awareness of prevention. Before using an open source tool, search for reviews of its security risks and try to avoid versions and secondary development projects with security risks. For business-critical code, data security must be taken seriously. For example, in an e-commerce website project, it was found that the original author had not blocked same-level unauthorized access, so the account of store B could obtain the operational data of store A by modifying the store ID in the POST request. Such data breaches, if exposed, not only damage a company's brand and customer trust but also expose the company to legal liability. Network security is very important and leaves no room for sloppiness.
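The store ID case described above, as an added example that is not code from the e-commerce project: a handler that trusts the store ID in the POST body, next to one that checks it against the logged-in account's own store. All names, tokens and figures are constructed for illustration.

```python
# Constructed sample data: two stores and the sessions of their accounts.
STORE_DATA = {
    "A": {"revenue": 125000, "orders": 830},
    "B": {"revenue": 98000, "orders": 610},
}
SESSIONS = {  # session token -> store the logged-in account belongs to
    "token-store-a": "A",
    "token-store-b": "B",
}


class Forbidden(Exception):
    """Raised when the caller may not read the requested store."""


def get_stats_vulnerable(session_token, post_body):
    """Flawed: the caller is authenticated, but the store ID from the
    POST body is used without checking who owns that store."""
    if session_token not in SESSIONS:
        raise Forbidden("not logged in")
    return STORE_DATA[post_body["store_id"]]


def get_stats_hardened(session_token, post_body):
    """Fixed: the store is derived from the session, and a mismatching
    store ID in the request is rejected."""
    own_store = SESSIONS.get(session_token)
    if own_store is None:
        raise Forbidden("not logged in")
    requested = post_body.get("store_id", own_store)
    if requested != own_store:
        raise Forbidden(f"store {own_store} may not read store {requested}")
    return STORE_DATA[own_store]


def is_blocked(handler, session_token, post_body):
    """Return True if the handler refuses the request."""
    try:
        handler(session_token, post_body)
        return False
    except Forbidden:
        return True


if __name__ == "__main__":
    tampered = {"store_id": "A"}  # sent with store B's session
    print("vulnerable blocks:", is_blocked(get_stats_vulnerable, "token-store-b", tampered))
    print("hardened blocks:  ", is_blocked(get_stats_hardened, "token-store-b", tampered))
```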
Given that many people don’t understand coding and lack relevant experience, using professional tools to ensure network security is unavoidable. Today I would like to recommend a Chinese-made WAF that ranks first on GitHub: Leichi WAF. This is also a tool that I have been using. Its GitHub page has a detailed project introduction and a list of the attack types it defends against.
Next, let’s take a look at the installation steps. Chinese users have a separate installation method, with both automatic and manual installation available. We choose automatic installation and copy the LTS version command to the console for execution. Installation takes about two to three minutes. Afterwards, you need to configure a rule that allows traffic to port 9443, taking Alibaba Cloud as an example; other cloud servers are operated similarly. After the installation is complete, access the Leichi management panel in your browser, and then configure the sites that need to be protected. You can add one or more sites according to the actual situation. Note that if Leichi and the website are on the same server, the Leichi port needs to be set to 80 or 443, and the business website port may need to be changed; if they are on different servers, there is no port conflict, and the port can be set freely. The schematic diagram provided on the official website clearly shows that Leichi is deployed as a reverse proxy: it receives traffic before the business website server, detects and cleans the attack traffic in it, and finally forwards the cleaned traffic to the business website server. The official recommendation is to deploy Leichi and the business website separately to avoid mutual influence.
After the configuration was completed, we conducted a series of tests on Leichi. The first was an SQL injection request, which was successfully intercepted by Leichi, and the interception page was shown in its specific style. JS script attacks were also intercepted. The common behavior of scanners pulling website data is also within the interception range of Leichi. CSRF attacks, in which a hacker steals an identity to send illegal requests, as well as Java deserialization attacks that exploit deserialization vulnerabilities to implant malicious code or commands, were also successfully intercepted by Leichi. Due to limited time, only the interception effects for some attacks are demonstrated here. Leichi can intercept a variety of attacks and will continue to be upgraded and improved in the future. It is recommended that you try out more protection strategies yourself.
For enterprises or users with higher requirements, Leichi provides a professional version. In addition to the functions of the open source version, the professional version has many advanced features. For example, through advanced statistical functions, users can view WAF protection status across different time dimensions, and the indicators displayed are richer and more professional. Customized interception pages can be uploaded for different interception scenarios, greatly improving the user experience: for example, a 404 page that carries missing-child information, a human-computer interaction page, or a sliding verification code page. There is also an upstream load balancing function for protected sites that the open source version does not have. When the backend servers are distributed and there are many nodes, you can set a load balancing algorithm to distribute traffic evenly and effectively improve overall throughput. As for the detection engine's performance mode, the community version has a maximum QPS of 2000 and can only run single-threaded, while the professional version supports multi-threading. In theory, the higher the configuration, the higher the QPS it can handle, reaching tens of thousands.
In order to give everyone the opportunity to experience the professional version of Leichi, the author contacted the people at Changting and asked if a batch of trial quotas (CJ) could be given away in the form of a lottery. Unexpectedly, Changting readily agreed. If you currently have needs in this area, you may wish to take this opportunity to participate. The way to participate is very simple: just leave the message "Leichi Professional Edition" in the comment area. The lottery results will be announced in a follow-up update. Good luck to everyone in advance. At the same time, I also hope that friends who use it can provide more valuable opinions, which is crucial to the development of Leichi and even of domestic WAFs.
I hope that through the above introduction, everyone can have a more comprehensive understanding of Leichi WAF, pay attention to network security, and protect their own websites. If you have other questions about network security or Leichi WAF, please leave a message in the comment area for discussion. Don’t forget to share this article to let more people pay attention to network security.