In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-04 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >
Share
Shulou(Shulou.com)06/02 Report--
Editor to share with you how to prevent Dedecms intrusion, I believe that most people do not know much about it, so share this article for your reference, I hope you can learn a lot after reading this article, let's go to know it!
How to prevent Dedecms from invading?
The most basic security settings: modify the dedecms default background directory / dede/ and modify the administrator account password
2. If the website does not need to use the membership system, it is recommended to delete the / member/ folder
3. Move the / data/ folder outside the Web access directory. This is the official recommendation of dedecms. The specific operation method is as follows:
1. Move the / data/ folder to a directory one level above the web root directory
two。 Modify the DEDEDATA variable in / include/common.inc.php to: define ('DEDEDATA', DEDEROOT.'/data'); change to define (' DEDEDATA', DEDEROOT.'/../data')
3. Modify / index.php and delete the following code (Note: this modification can be ignored if the home page generates static and the index.html index takes precedence over index.php. ):
The code is as follows:
If (! file_exists (dirname (_ FILE__).'/ data/common.inc.php')) {header ('Location:install/index.php'); exit ();}
4. Configure the tplcache cache file directory: log in to background > system > system basic parameters > performance options, and change the value of the template cache directory to /.. / data/tplcache
4. / plus/ is a directory with high incidence of dedecms vulnerabilities. Hiding the / plus/ path can prevent the exploitation of unknown vulnerabilities caused by files in this directory. If you need to use a file in this directory, you can add relevant rules in .htaccess to achieve whitelist function.
Example: assuming that the plus directory name is changed to / abcd9com/, website, you need to use the background column dynamic preview (path: http:// domain name / plus/list.php?tid= column number) and publish jump articles (path: http:// domain name / plus/view.php?aid= article number), you can add the following code to .htaccess:
The code is as follows:
RewriteEngine OnRewriteCond% {QUERY_STRING} ^ tid= (\ d +) RewriteRule ^ plus/list.php$ / abcd9com/list.php$1 [L] RewriteCond% {QUERY_STRING} ^ aid= (\ d +) RewriteRule ^ plus/view.php$ / abcd9com/view.php$1 [L] these are all the methods to prevent Dedecms intrusion. Thank you for reading! I believe we all have a certain understanding, hope to share the content to help you, if you want to learn more knowledge, welcome to follow the industry information channel!
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.