Windows主机IIS7恢复实战
症状:administrator账号打不开c:/inetpub目录
原因:因为服务器被挂马,引起服务器异常所有的网页文件都放在c:/inetpub,于是造成网站全部崩溃
策略:挂起一块新磁盘作为系统,然后扫描磁盘杀死病毒和木马,恢复原磁盘的文件管理权限,切换到源磁盘启动
administrator账号打不开c:/inetpub目录,增加administrator账户,赋予完全权限,然后可以打开该目录
但此时iis打不开,根据提示需要打开was和w3svc
于是定位到计算机-》管理-》service-》world wide web publishing service-》start,出现下面的错误
这时我们需要打开另一个程序,windows process Acivation service->start结果出现下的错误。
http://technet.microsoft.com/en-us/library/cc734935%28WS.10%29.aspx
微软官网给出下面的解决方案:
The Windows Process Activation Service (WAS) generates temporary application pool configuration
files that it stores in the %SystemDrive%inetpubtempappPoolsdirectory by default. If you change this
location, WAS may not be able to find the directory.
To resolve this issue, make sure that the appPools directory meets the following requirements:
· The directory must exist.
· The directory cannot be on a UNC path.
· The directory must be available to WAS and should have the following permissions:
o SYSTEM: Full Access
o Administrators: Full Access
o IIS_IUSRS: Read
执行上面的步骤之后,按倒序打开上面的服务,依次ok,于是服务器恢复正常。
经过此次宕机告诉我们服务器的安全防护是这么的重要。