Shulou(Shulou.com)06/02 Report--

Editor to share with you how to prevent dedecms from being hung up. I hope you will gain a lot after reading this article. Let's discuss it together.

How to prevent dedecms from being hung up?

Dedecms must look at safety knowledge in order to prevent being hung up.

1. Safety measures before hanging up the horse

A. change to the default management directory dede.

B. Check whether the install.lock file exists in the install directory. A user did not write permission to the install directory so that the lock file was not generated during installation. The entire intstall directory can be deleted after the installation is complete.

C. Follow the background update notification and check whether the latest dedeCMS patch is applied.

D, server web directory permission setting

Conditional users set the directories of data, templets, uploads, html, special, images and install in DedeCms to not allow script execution, and other directories prohibit writing, so the system will be more secure.

E, suggest to the official download program

F, server security measures (take windows2003 system as an example)

1. Update the system patch to the latest, and turn on automatic update

2. Install antivirus software, update the virus library to the latest, and turn on automatic update

3. Open the firewall that comes with the system and open the ports in the application to filter unnecessary port access.

4. Open the tcp/ip security policy and open the ports in the application to filter unnecessary port access

5. Open the management of users and user groups, and add IUSR users corresponding to different WEB sites, so as to reduce the rights crisis caused by the hacking of a site.

6. Set different permissions for different WEB directories

For example, the corresponding permissions of WebSiteA directories are generally system/administrators full permissions and IUSR_websiteA read-only permissions

The subdirectories under WebsiteA assign the write and run permissions of IUSR_websiteA according to the needs of DedeCMS programs. For more information, please see the description of directory permissions in dot b above.

7. Do not install unknown software on the server

Do not install any cracked version of the Chinese version of the software on the server. If you really need it, it is recommended to use the original version.

9. It is recommended not to install ServU FTP software, switch to other FTP software, change the FTP port, and the user password should not be too simple.

10. If you do not need it, try to turn off the remote access function of the service application, such as the remote access of mysql user.

11. In view of the above point, you can use the local security policy feature to allow access to IP.

12. Using the local security policy, you can also effectively reject CC attacks and filter the access of the source IP.

13. All service applications on the server should pay attention to timely updates of patches, such as mssql, and use authentic and unconditional copies.

14, various applications on the server, such as IIS configuration mysql configuration, please search Baidu Google this aspect of the security application topic, to strengthen the internal skills is very important.

15. Enable IIS access logging

Second, the safety inspection after hanging the horse

If necessary, close the website and enter the step-by-step investigation.

A, go to the DedeCMS management background to check if there are any new patches or security reminders that have not been updated in time.

B. Check whether there is a Trojan virus code in the source file to confirm whether it is an ARP attack.

ARP attack performance: there is no change in the program file, the attack is to deceive the target gateway to achieve the effect of deceiving the user, to achieve the purpose of accessing the website to load Trojans.

ARP attack prevention: install anti-ARP attack software and other countermeasures on the server, or contact your IDC service provider.

C, check the directory permissions, see the security measures in the first big point for details.

D. Check every directory in FTP for suspicious files that have been modified recently.

1, use notepad and other tools to open the search, if it is really linked to the horse, here analysis can be found.

2. If the whole station is hung up, please check the js file called by the whole station first.

3. Find the hanging code from the file, copy the key statements of the code, and open the replacement software for batch replacement or batch search.

4. The above step requires server control permission. If not, you can only download it back and approve it. (this is a prudent approach. If you are sure, you can check only some files or directories.)

E, the above still can not be solved, then we have to analyze the IISLOG log and trace the source to find the point of invasion.

You can download IISlog analysis software research.

Third, how to turn to the authorities for help or report safety problems?

1. Check the modification time of Trojans and suspicious files

2. Check the system log of the site and find out the way to hang the horse compared with the time obtained at point 1.

3. Please read carefully to understand one or two major points, confirm that it is still unsolvable, and ask the official technical support of the forum PM.

After reading this article, I believe you have a certain understanding of the methods to prevent dedecms from being hung up. You want to know more about it. Welcome to follow the industry information channel. Thank you for your reading!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.