destoon uses Rewrite rules to set up website security_PHP tutorial

WBOY
Release: 2016-07-13 10:24:26
Original
958 people have browsed it

In order to enhance the security of destoon, necessary security settings are required. This article uses Rewrite rule settings to increase website security as an example as follows:

Rule 1:

Blocking dynamic files with non-php extensions, such as asp, aspx, etc., can prevent backdoor programs with suffixes such as asp, aspx, etc. from running

RewriteRule ^(.*)\.(asp|aspx|asa|asax|dll|jsp|cgi|fcgi|pl)(.*)$ /404.php

Copy after login

Rule 2:

Shield the PHP running permission of the site's file directory. The site's file directory has write permission by default. When an unknown vulnerability occurs on the website, a backdoor program may be written. After preventing PHP from running, even if there is a backdoor program, it will not be able to run.

RewriteRule ^(.*)/file/(.*)\.php(.*)$ /404.php

Copy after login

Versions 3.0 and below need to add one more

RewriteRule ^(.*)/cache/(.*)\.php(.*)$ /404.php
Copy after login

www.bkjia.comtruehttp: //www.bkjia.com/PHPjc/825479.htmlTechArticleIn order to enhance the security of destoon, necessary security settings are required. This article uses Rewrite rule settings to increase website security. An example is as follows: Rule 1: Block dynamic text that is not a PHP extension...
Related labels:
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template