Shulou(Shulou.com)06/01 Report--

This article mainly introduces "what are the methods of server security settings". In daily operation, I believe that many people have doubts about the methods of server security settings. The editor consulted all kinds of materials and sorted out simple and easy-to-use operation methods. I hope it will be helpful for you to answer the doubts about "what are the methods of server security settings?" Next, please follow the editor to study!

The execution permission means whether the website can be accessed or not, and for logging in to the server, can you cd it?

About whether the directory can be written: it mainly depends on the permissions of the directory to be written, as long as the directory at the next level has the permission to execute.

In the website security, it is very sensitive to the execution permission of the directory. Generally speaking, the directory that can be written cannot have the execution permission of the script. For example, in the DedeCMS system, there are two directories that can be written. The data and uploads,data directories are mainly basic configuration files and cache data, while uploads is the directory that is uploaded and saved by attachments. This article will introduce how to cancel the execution permissions of these two directories according to different server environments. Of course, we also recommend that users generate other directories that generate pure static html, and remove the execution permission if they have writeable permissions, so that the system will be more secure.

This paper introduces two methods.

1.apache 's configuration file httpd.conf, find the location of the following figure:

Add the directory configuration that needs to restrict the execution of script files to the following:

The configuration is as follows:

Deny from all

After the configuration is complete, restart apache, and the configuration will take effect!

two。 To set the .htaccess file (virtual host / space configuration), you need to confirm whether your space supports .htaccess and rewrite before configuration. This method is based on the use of rewrite in the .htaccess file to disable the specified script.

RewriteEngine on RewriteCond! ^ $

RewriteRule uploads/ (. *). (php) $- [F]

RewriteRule data/ (. *). (php) $- [F]

RewriteRule templets/ (. *). (php) $- [F]

At this point, the study of "what are the methods of server security settings" is over. I hope to be able to solve your doubts. The collocation of theory and practice can better help you learn, go and try it! If you want to continue to learn more related knowledge, please continue to follow the website, the editor will continue to work hard to bring you more practical articles!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.