Home > CMS Tutorial > DEDECMS > body text

How does dedecms cancel the execution permission of scripts in the server/host space directory?

藏色散人
Release: 2019-11-19 11:04:51
Original
1559 people have browsed it

How does dedecms cancel the execution permission of scripts in the server/host space directory?

dedecmsHow to cancel the execution permission of scripts in the server/host space directory?

In website security, the execution permission of the directory is very sensitive. Generally speaking, the directory that can be written cannot have the execution permission of the script. For example, the DedeCMS system can be written. There are two directories, data and uploads. The data directory mainly contains basic configuration files and cached data, and uploads is the directory where attachments are uploaded and saved.

This article will introduce how to cancel these two directories for different server environments. Execution permissions. Of course, we also recommend that users remove execution permissions from other directories that generate pure static HTML and have writable permissions, so that the system will be more secure.

Recommended learning: dedecms tutorial

IISIIS6.0 under Windows

Open the site in IIS and go to the site uploads directory , data directory and static html generated directory, right-click, select "Properties" from the menu, and select "None" for execution permission in the directory properties panel. (As shown in Figure 1)

How does dedecms cancel the execution permission of scripts in the server/host space directory?

(Figure 1)

IIS7

IIS7 Also similar to IIS6.0, select the directory corresponding to the site, data, uploads and static html file directory, double-click "Handler Mapping" in the function view panel (Figure 2)

How does dedecms cancel the execution permission of scripts in the server/host space directory?

(Figure 2)

In "Edit function permissions...", we can directly remove the execution permission of the script. (As shown in Figure 3)

How does dedecms cancel the execution permission of scripts in the server/host space directory?

(Figure 3)

Execution permission settings for directory scripts under Apache Independent host configuration

In Apache, there is no graphical management interface for IIS under Windows. We need to manually modify the apache configuration file to set the execution permissions of the directory script.

First we find the apache configuration file httpd.conf. Normally, the configuration file is in the conf folder in the apache installation directory (Figure 4).

How does dedecms cancel the execution permission of scripts in the server/host space directory?

(Picture 4)

Open the httpd.conf file and find the location in the content as shown in Figure 5:

How does dedecms cancel the execution permission of scripts in the server/host space directory?

(Figure 5)

Add the directory configuration that needs to restrict the execution of script files below:

The configuration content is:

Copy the code as follows:

<Directory "DIR">    
<FilesMatch ".(php|asp|jsp)$">     
    Deny from all    
</FilesMatch>
</Directory>
Copy after login

The DIR in the configuration content is the directory where the execution of script files needs to be restricted, and the content after FilesMatch is the suffix name of the script that needs to be restricted. For example: If you need to prohibit the running of PHP, ASP, and JSP scripts in the uploads folder of the test site, configure the following Figure 6:

How does dedecms cancel the execution permission of scripts in the server/host space directory?

(Figure 6)

After the configuration is completed, restart apache and the configuration will take effect!

Before the operation, I created a new index.php file in the uploads folder. Figure 7 shows the access situation before configuration

How does dedecms cancel the execution permission of scripts in the server/host space directory?

(Figure 7 )

Figure 8 shows the effect of accessing this page after restarting apache.

How does dedecms cancel the execution permission of scripts in the server/host space directory?

(Figure 8)

Virtual host/space configuration

Before configuring, you need to confirm whether your space supports .htaccess and rewrite , this method is based on using rewrite in the .htaccess file to achieve the effect of prohibiting the execution of the specified script.

The rules are as follows:

Copy the code as follows:

RewriteEngine on  RewriteCond % !^$  
RewriteRule uploads/(.*).(php)$ – [F]  
RewriteRule data/(.*).(php)$ – [F]  
RewriteRule templets/(.*).(php)$ – [F]
Copy after login

There are restrictions on the execution of php scripts for the uploads, data, and templets directories;

Store the above content in the .hatccess file, and store the file in the root directory of your site.

In this way, the execution permission of the directory script is controlled. The effect before and after uploading the rules is the same as Figure 7. Figure 8.

The above is the detailed content of How does dedecms cancel the execution permission of scripts in the server/host space directory?. For more information, please follow other related articles on the PHP Chinese website!

Related labels:
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template