Shulou(Shulou.com)05/31 Report--

To prevent website attacks and DEDECMS code reinforcement security solution is what, many novices are not very clear about this, in order to help you solve this problem, the following editor will explain in detail for you, people with this need can come to learn, hope you can gain something.

Two of them use dedecms to do the company website, the bottom of the company website is directly hung a lot of Tibetan hyperlinks, I also found that there are a lot of derived hyperlinks in the case of testing the friend chain, according to the web page source code to find that the company website has been invaded.

This should be the latest method of website penetration, and we can also check if our company's website is directly linked to similar malicious programs. It is also necessary to attract attention when there are very few visitors due to the high ranking of some search engines and high search index. The above is a concise and detailed introduction of all the websites have been hacked, and then we will introduce in detail how to avoid the intrusion of the company's website, that is to say, how to do a good job in the security of the company's website.

one。 Often check the data and information of the company's website

Generally speaking, the vast majority of company websites that are dark-chained are those that have not been managed and maintained for a long time, especially in some company websites. the two company websites that contain the two dark-linked company websites mentioned above are not managed and maintained for a long time, and then the domain name of the website is due to expire, and after the renewal, it is found that the company website has been linked to the dark chain. At this stage, the dark chain sales market is still very hot, so try to squeeze out the time to test the company website that you haven't updated for a long time.

II. Dedecms website vulnerabilities

Because of the prevalence of dedecms, the dream-weaving imitation station with dedecms has become the first overall target for hackers. From dedecms5.5 to 5.7 today, there are still a small number of security vulnerabilities. Corporate websites made with dedecms should pay attention to the following aspects.

two。 Delete all install installation files

3. If you do not need to apply members can also immediately delete all member file directory the vast majority of hackers invade the dedecms company website that is the use of member article contribution function, submit Trojan folder.

three。 Restrict the execution and writing of website files and file directories

The dedecms program code company website can also make the following settings

1. The following file directories: data, templets, uploads, a set read and write permissions can not be executed.

two。 The following file directories: include, member, plus, Dream weaving cms are set to be readable and executable and cannot be written.

At this stage, many corporate websites designed by discuz and phpwind have also been hacked, that is, because the permissions for key file directories and folders are not set.

four。 How can we solve the problem after the company's website is attacked?

1. Overwrite with backup data

two。 If none of the data is backed up, find the folders that have been changed recently and check to see if they contain malicious programs.

3. Find one more folder for the source code of the website, and pay more attention to whether there is an unknown folder in the root directory of the company's website.

4. You can also find a professional website security company to deal with the security of the website, domestic SINE security, Green League, Kai Ming Star, Eagle Shield security, convinced, are quite good.

five。 Website ftp and server security settings

It is recommended to set complicated points for the application of liunx website server, ftp and website server account passwords, using English letters + big numbers + special characters as far as possible. Baidu CVM or VPS servers should deeply analyze the teaching videos at the server security setting level to ensure server security.

Is it helpful for you to read the above content? If you want to know more about the relevant knowledge or read more related articles, please follow the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.