Shulou(Shulou.com)06/02 Report--

This article mainly introduces the Weaving Dream DEDECMS website how to prevent hanging horses, has a certain reference value, friends in need can refer to. I hope you will learn a lot after reading this article. Next, let the editor take you to learn about it.

Dream weaving DEDECMS website how to prevent hanging horses?

Dream-weaving DEDECMS website Security Settings imitating Horse course

Many customers often encounter or worry about the hanging of the website when using it.

This simple tutorial explains a series of security settings for DEDE websites for customers as long as you follow the following three points

99% of the websites can be avoided.

A simplified setting up:

All unwanted functions are deleted. For example, delete the member folder without needing a member. Remove redundant components to avoid being injected by hack

The best way. Add an empty index.html to each directory to prevent the directory from being accessed.

Dream weaving can be deleted directory list: member member features special special features install installer (required) company enterprise module

Plus\ guestbook message boards and other modules that are generally not needed can not be installed or deleted.

Second password setting part

The administrator password must be long and mixed with letters and numbers. Try not to use admin. Delete the admin after the initial installation and create a new one.

The administrator's name should not be too simple. The password stored in the dream weaving system database is MD5. Generally speaking, HACK gets the secret of MD5 even if it is injected.

Code, if your password is strict enough, the other party will not be able to reverse it. It is also helpless. But now the MD5 cracking website is too advanced, 4T hard drive

It's all MD5 passwords, and even if your password is complicated, it can be covered sometimes. That's how my previous site was hacked. So there must be a password.

Complicated enough.

List of files that can be deleted by dede:

Under the DEDE management directory

File_manage_control.php file_manage_main.php file_manage_view.php media_add.php media_edit.php media_main.php

These files are the stage manager (these two functions are the most redundant and have the greatest impact on security, and many HACK use it to hang up their horses. It's simple.

Straight is a small horse hanger, uploading and editing Trojans is very convenient. Generally, it is not necessary to delete them all.

Delete the dede/sys_sql_query.php file without the SQL command runner. Avoid HACK utilization.

If the tag function is not needed, please delete the tag.php in the root directory. No need for the top guest, please delete the digg.php and diggindex.php in the root directory!

Do the above three points to ensure that your website is safe and reliable!

Thank you for reading this article carefully. I hope the editor will share the content of Dream Weaving DEDECMS website to help everyone. At the same time, I also hope you can support us, pay attention to the industry information channel, and find out if you encounter problems. Detailed solutions are waiting for you to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.