Shulou(Shulou.com)06/02 Report--

Editor to share with you the dedecms solution to DDOS horse loopholes, I hope you will learn a lot after reading this article, let's discuss it together!

How does dedecms solve the DDOS horse loophole?

Dedecms is the famous php open source system in China, and it is also the preferred CMS system for many webmasters to build stations, and easy to use is one of the major reasons for its wide application, and it is precisely because of the open source of dedecms that many hackers have targeted this program, so they have successively studied a lot of dedecms loopholes, resulting in a considerable number of dedecms websites being hung up, and some have been warned by the computer room that serious computer rooms have been forcibly shut down, resulting in huge losses. Today, we will make a more in-depth analysis of this problem and find out the solution.

Recommended study: dream weaving cms

The characteristics of a hung horse:

Open the home page of your website and look at the source code to find that your site has been added a lot of black chain code, which is the simplest and most visible to webmasters. He is nothing more than the code of friendly links.

Another feature is that opening a website will lead to the risk of hanging a horse. This type of hanging code is generally a frame code or a js code or a picture code, and another feature is that the website will suddenly not open or open slowly, and check the traffic will find that it takes up a lot of traffic, that is to say, the characteristics of sending packets out of the traffic, also known as UDP traffic packet attacks. These are the general characteristics of the dedecms horse. Let's talk about the practical solutions and preventive measures of the website.

First of all, download the code of the website program to your own local, check it with the sinesafe Trojan removal tool, and find that there are many script Trojans in the data/cache/ directory. Open the Trojan script and find some unknown PHP code. Put the code into the sinesafe Trojan horse tool and find the Trojan features in depth. The code is as follows:

The code is as follows:

I found on the Internet that this is a udp traffic attack php script Trojan, this Trojan can be run with the authority of the website script can achieve the effect of ddos traffic attack. Without the permission of the server, I understand why the computer room says that my website is sending packets all the time, the website that runs this script will open slowly, and my website is among them. Now that you have found the problem, it is necessary to solve it quickly. Click to clear the Trojan code, and all of it will be cleared. There are no strange file names in the Data/cache/ directory. Finally, in order to cure this "stubborn disease", summed up the following solutions and preventive measures:

1.dedecms directory security settings: data/cache/ templets uploads directory settings can be read / write, not executable permissions. Include, member, and plus set readable, executable and non-writeable permissions. Because dedecms does not use stored procedures anywhere, you can disable the permissions of FILE, EXECUTE, and so on to perform stored procedures or file operations.

two。 Website program security: this is also the most fundamental precaution, if it is a virtual space, it is recommended to find a professional website security maintenance to do website program security, only the website security can bring a secure and stable customer source.

3. Program update: open the dedecms background to see if there are any updated patches, if there is a timely update and patch, if your version is very old, I suggest reinstalling the new version, because the new version is relatively safe, there are many places and the old version is different.

4. Background management directory: dedecms background management directory is generally dedecms by default, many webmasters never care about this background address, I am very responsible to tell you, if the management directory address is the default, then your probability of being hung up is 0. It is recommended that the name of the directory be changed to a combination of numbers and alphabetic symbols.

5.FTP admin passwords: FTP passwords and webmaster passwords are recommended to be changed frequently, because many hackers are using violence to crack passwords, making them as complex as possible with special matches and letters.

After reading this article, I believe you have a certain understanding of dedecms's solution to DDOS horse loopholes. If you want to know more about it, you are welcome to follow the industry information channel. Thank you for reading!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.