What to do if dedecms is hacked
What to do if dedecms is hacked
If your website is hacked and a backdoor file is uploaded, generally There may be more than one backdoor, and there may be many backdoor files, and they will be disguised as normal files. If you want to remove them, you can generally remove the virus files in the original program by searching for backdoors. This method takes a long time, and there are inevitably some omissions. .
The method and idea introduced in this article is: only retain absolutely safe content, and cover online programs with new and safe program files, which can prevent backdoor residues to the greatest extent and make the website as new as ever. This idea can be applied to most programs, such as dz, etc.
1. Back up the files in the compromised website directory and backup the database (to retain evidence and data)
Back up first and then operate, super important! ! !
Back up the program files through compression and packaging, and then back up the data inventory into sql files through phpmyadmin to back up the data to prevent data loss after misoperation.
Prompt again, ↑↑↑ This step is super important!
------The following are the quick recovery steps after dedecms is invaded------
2. Download the new Dreamweaver program and unzip it locally , do preliminary security processing
Go to the official website of Dreamweaver to download the new program package: http://www.dedecms.com/products/dedecms/downloads/, please pay attention to the corresponding encoding version, it is recommended to use UTF-8 version, more compatible.
1. Delete the following folders: /member, /special, /install, /templets/default (if you need the membership function, you can keep the /member directory).
2. The /plus folder only retains the following contents: /plus/img, /plus/count.php, /plus/diy.php, /plus/list.php, /plus/search.php, /plus/view.php, delete everything else.
3. Rename the /dede folder, which is the background login address, to a name that only you know.
3. Restore database connection files, recovery templates and uploaded image files
Find the following files from your backup package and merge them into the folder in the previous step. , note that the location and name must be covered in one-to-one correspondence.
1. Copy /data/common.inc.php to the package and overwrite it. This is the database connection information
2. Copy /data/config.cache.inc.php to the package and overwrite it. This is the site configuration cache. Check whether the content text in this file has been modified.
The following directories need to be processed for security first: check whether there are php, asp and other files in the directory, and delete them if they are. You can also use security scanning software, such as D-Shield, Security Dog, etc., to scan for backdoor files.
3. Copy the template and related css, js files: /templets/template folder, /style, /css, /layout, /static, etc., according to the actual situation of your template
4. Copy /uploads to the package and overwrite it. This is the uploaded pictures, attachments, etc.
The following may be optional:
5. Copy /include/extend.func.php to the package and overwrite it. This is a custom function. If there is no secondary development, this file can be skipped
6. Other files that you have secondary developed and modified
4. Overwrite the original Site
1. Clear all files in the online site (it is recommended to stop the website first and then clear it)
2. Use FTP to upload the merged program file package to your host space, you should know this step well
After the upload is completed, your site will be restored.
Key points of this method:
1. Replace the compromised program with a new program
2. Connect the new program to the original database.
3. After recovery, please log in to the backend, check if there is any unfamiliar administrator account, and change your own administrator account password.
5. Security precautions of Dreamweaver
1. Most of Dreamweaver’s vulnerabilities come from its plug-in part (plus). By prohibiting the writing of plus and other directories, Most intrusions can be eliminated. For specific methods, please refer to another article on this site "Dreamweaver CMS Security Settings Guide" https://www.think3.cc/?id=5
2. WAF firewall: Generally, it is invaded through Scan the above locations with security risks to achieve the purpose of uploading backdoors. Most WAFs can block this type of scanning, such as nginx/apache request filtering, security dog iis version, etc.
3. Program directory permissions: Most intrusions require you to first write a new Trojan horse file to your server, and then access and execute this file to achieve the purpose of modifying the entire site. Strictly setting directory write permissions and strictly setting directory executable permissions can also effectively prevent most intrusions.
For example: In nginx, the upload directory execution program can be restricted through pseudo-static rules
PHP
location ~* ^/(a|data|templets|uploads|style|css|js|static|layout|assets|cache)/.*\.(php|php5|asp|jsp|aspx|py)$ {
deny all;
}For more dedecms technical articles, please visit the dedecms usage tutorial column!
The above is the detailed content of What to do if dedecms is hacked. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1386
52
Where is the imperial cms resource network template?
Apr 17, 2024 am 10:00 AM
Empire CMS template download location: Official template download: https://www.phome.net/template/ Third-party template website: https://www.dedecms.com/diy/https://www.0978.com.cn /https://www.jiaocheng.com/Installation method: Download template Unzip template Upload template Select template
How dedecms implements template replacement
Apr 16, 2024 pm 12:12 PM
Template replacement can be implemented in Dedecms through the following steps: modify the global.cfg file and set the required language pack. Modify the taglib.inc.php hook file and add support for language suffix template files. Create a new template file with a language suffix and modify the required content. Clear Dedecms cache.
How to upload local videos to dedecms
Apr 16, 2024 pm 12:39 PM
How to upload local videos using Dedecms? Prepare the video file in a format that is supported by Dedecms. Log in to the Dedecms management backend and create a new video category. Upload video files on the video management page, fill in the relevant information and select the video category. To embed a video while editing an article, enter the file name of the uploaded video and adjust its dimensions.
What website can dedecms do?
Apr 16, 2024 pm 12:24 PM
Dedecms is an open source CMS that can be used to create various types of websites, including: news websites, blogs, e-commerce websites, forums and community websites, educational websites, portals, other types of websites (such as corporate websites, personal websites, photo album websites, video sharing website)
How to use dedecms
Apr 16, 2024 pm 12:15 PM
Dedecms is an open source Chinese CMS system that provides content management, template system and security protection. The specific usage includes the following steps: 1. Install Dedecms. 2. Configure the database. 3. Log in to the management interface. 4. Create content. 5. Set up the template. 6. Manage users. 7. Maintain the system.
What loopholes does dedecms have?
Aug 03, 2023 pm 03:56 PM
DedeCMS is an open source content management system that has some potential vulnerabilities and security risks: 1. SQL injection vulnerability. Attackers can perform unauthorized operations or obtain sensitive data by constructing malicious SQL query statements; 2. File Upload vulnerability, attackers can upload files containing malicious code to the server to execute arbitrary code or obtain server permissions; 3. Sensitive information leakage; 4. Unauthenticated vulnerability exploitation.
Accurate and reliable dedecms conversion tool evaluation report
Mar 12, 2024 pm 07:03 PM
Accurate and reliable dedecms conversion tool evaluation report With the rapid development of the Internet era, website construction has become one of the necessary tools for many companies and individuals. In website construction, using a content management system (CMS) can manage website content and functions more conveniently and efficiently. Among them, dedecms, as a well-known CMS system, is widely used in various website construction projects. However, sometimes we are faced with the need to convert the dedecms website to other formats, in which case we need to use a conversion tool
A simple way to learn dedecms encoding conversion function
Mar 14, 2024 pm 02:09 PM
Learning dedecms encoding conversion function is not complicated. Simple code examples can help you quickly master this skill. In dedecms, the encoding conversion function is usually used to deal with problems such as Chinese garbled characters and special characters to ensure the normal operation of the system and the accuracy of data. The following will introduce in detail how to use the encoding conversion function of dedecms, allowing you to easily cope with various encoding-related needs. 1.UTF-8 to GBK In dedecms, if you need to convert UTF-8 encoded string to G
