What are the advanced security strategies for the DreamWeaver site?
织梦站点高级安全策略有哪些?
织梦DedeCMS站点高级安全策略(Linux篇)
在Linux环境下搭建安装DedeCMS本篇不再具体说明,大家可以点击文档《Linux下安装DedeCMS及安全设置》来查看安装和基本安全配置部分的内容。
推荐学习:dedecms教程
本篇将在之前的基础上进一步来对Linux下的DedeCMS进行安全配置,以保证我们的站点能够更加安全的运行在服务器上。
1.安装Apache文件访问权限模块
为了保证每个虚拟站点都能够拥有自己独立的文件访问权限,我们需要安装Apache安全权限分离模块,在终端中输入:
sudo apt-get install apache2-mpm-itk
2.添加管理后台站点控制帐号
接下来我们需要再添加一个后台站点的Apache运行帐号,在终端中输入:
sudo useradd -g www-data -d /dev/null -s /usr/sbin/nologin www-admin
这样我们就添加了一个www-admin帐号,专门用于控制后台站点的文件访问权限。
3.将后台管理目录移出,并且创建独立站点
默认安装后,后台的管理目录是在站点更目录下的/dede,为了安全起见我们需要将这个目录移出,但为了能够正常管理站点,我们需要将这个后台目录创建独立站点。
3.1.移动后台管理目录
我们先创建一个目录,这个目录专门用于存放后台站点文件,在终端中输入:
sudo mkdir /var/dedecms-admin
然后将织梦后台移动到这个文件夹中,输入:
sudo mv /var/dedecms/dede/* /var/dedecms-admin/
3.2.创建虚拟站点
我们需要创建一个新的站点用于显示后台,我们可以在/etc/apache2/site-enabled/目录中创建一个文件名为:default-admin的文件,内容如下:
<VirtualHost *:80> ServerName admin.dede.com ServerAdmin webmaster@localhost DocumentRoot /var/dedecms-admin AssignUserId www-admin www-data <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory /var/dedecms-admin/> Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all </Directory> </VirtualHost>
创建完成后我们重新启动服务器,在终端输入:
sudo service apache2 restart
这里我们给后台站点域名设置为admin.dedecms.com用户可以根据自己情况设定更为复杂的域名形式,例如:
dedesiteadmin2008.dede.com
然后在系统host纪录中添加一条指向站点域名对应ip的纪录,保证其能够正常访问。
3.3.给管理站点目录设定权限控制帐户
为了保证后台文件访问的安全,我们也需要给它设定文件访问权限,在终端中输入:
sudo chown www-admin.www-data /var/dedecms-admin/
这样就给这个目录指定了www-admin的访问帐号。
3.4.调整后台文件配置,保证后台正常访问
由于我们直接移动了管理后台文件目录,所以我们访问admin.dede.com会出现报错,这时候我们需要对系统中的目录配置进行调整。
(1)找到/var/dedecms-admin/config.php,将第12行
require_once(DEDEADMIN.’/../include/common.inc.php’);
改为
require_once(DEDEADMIN.’/../dedecms/include/common.inc.php’);
然后在这段代码下面加上:
$cfg_plus_dir = $cfg_phpurl = $cfg_basehost.”/”.$cfg_plus_dir;
(2)找到/var/dedecms-admin/login.php,将11行
require_once(dirname(__FILE__).’/../include/common.inc.php’);
改为
require_once(dirname(__FILE__).’/../dedecms/include/common.inc.php’);
(3)找到/var/dedecms/data/safe/inc_safe_config.php,第2行,改为
$safe_gdopen = ’1,2,3,4,5,7′;
(4)找到/var/dedecms-admin/exit.php,第11行
require_once(dirname(__FILE__).’/../include/common.inc.php’);
改为
require_once(dirname(__FILE__).’/../dedecms/include/common.inc.php’);
(5)复制include中的相关文件
我们需要将include文件夹下的一些文件拷贝到管理后台站点中以保证后台正常使用:
mkdir /var/dedecms-admin/include/dialog sudo cp -R /var/dedecms/include/dialog/* /var/dedecms-admin/include/dialog mkdir /var/dedecms-admin/include/js sudo cp -R /var/dedecms/include/js/* /var/dedecms-admin/include/js sudo mkdir /var/dedecms-admin/include/ckeditor sudo cp -R /var/dedecms/include/ckeditor/* /var/dedecms-admin/include/ckeditor
4.重新分配前台Apache用户权限
设定完成后我们需要给前台站点重新指派权限,在终端输入:
sudo chown -R www-admin.www-data /var/dedecms/
这样就把前台用户设定为了www-admin,然后再执行:
sudo chmod -R 755 /var/dedecms/
这样设置后后台管理就具有了站点操作权限,但前台浏览用户没有修改文件的权限了。
但这里前台uploads需要有可上传的权限,所以还需要执行:
sudo chmod -R 777 uploads/
5.完成安全配置
这样一来我们就完成了系统的安全设置,做到了前后台的权限分离,当然您也需要配置下php.ini禁用掉某些函数,配合系统做好各个方面的安全设置。
The above is the detailed content of What are the advanced security strategies for the DreamWeaver site?. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
How to import css in DreamWeaver
Dec 03, 2020 pm 04:03 PM
How to import css into DreamWeaver: 1. Place the HTML template file in the "templets" folder; 2. Change the suffix of the HTML file to ".htm"; 3. Add "{dede:" in front of the original style path: global.cfg_templets_skin/}" can be used.
Detailed explanation of CMS database file recovery method
Mar 13, 2024 pm 03:15 PM
The database is the core of website operation and stores important information such as user data and article content. Therefore, the backup and recovery of database files is particularly important during website operation. For websites built using Dreamweaver CMS, the recovery of database files is also a critical task. This article will introduce in detail the recovery method of Dreamweaver CMS database files, and provide specific code examples to help users quickly restore website data and ensure the normal operation of the website. 1. Back up the database file. Before restoring the database file, you first need to ensure that it has been
An article discusses the new features and advantages of Dreamweaver PHP5.7 version
Mar 21, 2023 am 09:36 AM
Dreamweaver is a very famous CMS. It is used by many websites due to its simplicity and ease of use. Its backend is developed using PHP, and the latest official version is Dreamweaver PHP 5.7. In this article, we will explore the new features and advantages of DreamWeaver PHP 5.7 version.
A brief analysis of the PHP version and number of components required for DreamWeaver
Mar 21, 2023 am 10:50 AM
DreamWeaver is a very popular website construction system, and its architecture is based on the PHP language. Therefore, Dreamweaver requires PHP to run. So, specifically, how many PHPs are needed to weave dreams? This is not a simple question. This article will introduce the PHP version and number of components required for Dreamweaver from the following aspects.
How to solve the problem if Dreamweaver fails to install php7.0
Mar 23, 2023 am 11:11 AM
It is a common situation to encounter problems when installing Dreamweaver. One of the possible problems is that php7.0 cannot be successfully installed. In this article, we will explain how to solve this problem.
What version of php is required for DreamWeaver?
Jun 06, 2023 pm 01:20 PM
Dreamweaver requires PHP version 5.2 and above. The installation method: 1. First install PHP and configure the environment; 2. Download the DedeCMS installation package and extract it to the root directory of the website; 3. Open the website URL and follow the prompts to complete the installation; 4. After the installation is complete, you can access the Dreamweaver backend through http://localhost/yourwebsite.
Is cms a dream weaver?
Mar 01, 2023 am 09:58 AM
cms is not Dreamweaver, cms refers to content management system, and Dreamweaver is just a kind of cms; Dreamweaver cms refers to Dreamweaver content management system, and content management system is a kind of WEB front-end and back-end office system or process. A software system between websites; cms has many excellent designs based on templates, which can speed up website development and reduce development costs.
Master the key points of Dreamweaver PHP5
Mar 26, 2024 am 11:12 AM
Dreamweaver CMS is an open source content management system developed based on PHP5 and is widely used in the field of website construction. It is very important for developers to master the key points of Dreamweaver PHP5. This article will introduce some key points and provide specific code examples to help readers better understand and apply DreamWeaver PHP5. 1. Files included in the development of DreamWeaver CMS often require data sharing and code reuse between different files. PHP's file inclusion feature is an effective way to solve this problem. In DreamWeaver CMS, often
