Shulou(Shulou.com)06/02 Report--

The editor will share with you what security settings dedecms has. I hope you will gain a lot after reading this article. Let's discuss it together.

What are the ultimate skills of dedecms security settings?

1. The following directories: data, templets, uploads, a set read-write and non-executable permissions. Directory an is the default save path of the document HTML, which can be changed in the background.

2. The following directories: include, member, plus, dede are set to read, executable and not writable. Backend management directory (default dede), which can be modified by yourself.

3. If you do not need to use members and topics, you can delete member and special directories directly.

4. Delete the install installation directory

5. The administrator account password is set as complicated as possible. You can create a new channel manager to publish articles, and only give relevant permissions.

6. Mysql database link, do not use root users, create new users separately, and give: SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER, CREATE TEMPORARY TABLES permissions

7. Back up the website directory and database regularly, and check the files, scan the virus and fix the system errors in the background.

Once set up, proceed to the following actions

If it has been hacked, please know all the information in the space, download the latest official version, and then deal with it as follows:

First, when installing the table prefix of the database, it is best to change it. You can change any name of xxxx_, without the default prefix dede_, of dedecms.

Second, log in to the background to enable the CAPTCHA function. Delete the default administrator admin and change it to a private, complicated account. The administrator password must be long, at least 8 digits, and mixed with letters and numbers.

Third, be sure to delete the install directory after installing the program

Fourth, change the default directory name dede for dedecms background management.

Fifth, all unneeded functions are turned off, such as members, comments, etc., if it is not necessary to turn them off in the background.

Sixth, the following are directories that can be deleted:

Member membership function

Special thematic function

Company enterprise module

Plus\ guestbook message board

The following files can be deleted:

These files under the management directory are stage managers, which are redundant functions and have the greatest impact on security. Many HACK use it to hang up their horses.

File_manage_control.php file_manage_main.php file_manage_view.php media_add.php media_edit.php media_main.php

Then there are:

Delete the dede/sys_sql_query.php file without the SQL command runner.

If the tag function is not needed, please delete the tag.php in the root directory. If you don't need a top guest, please delete digg.php and diggindex.php in the root directory.

Seventh, pay more attention to the security patch officially released by dedecms and put on the patch in time.

Eighth, download and release function (manage directory soft__xxx_xxx.php), if not, it can be deleted, this is also easier to upload pony.

Ninth, DedeCms official website out of the omnipotent security code, log in to the dedecms official website forum to view.

Tenth, the safest way: publish html locally and upload it to space. It does not contain any dynamic content and is the safest in theory, but it is relatively troublesome to maintain.

National Day holiday, or often have to check their own website, being hung black chain is a small matter, be hung Trojan horse or delete the program is very miserable, bad luck, the ranking will follow. So remember to back up data from time to time.

After reading this article, I believe you have a certain understanding of the security settings of dedecms, want to know more about it, welcome to follow the industry information channel, thank you for reading!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.