How does dedecms prevent being hung up?
dedecms must read safety knowledge to prevent being hung up
1. Safety precautions before being hung up
A. Change the default management directory dede.
B. Check whether the install.lock file exists in the install directory. Some users did not give write permission to the install directory, causing the lock file not to be generated during installation. After the installation is complete, you can delete the entire install directory.
C. Pay attention to the background update notification and check whether the latest dedeCMS patch is applied.
D. Server web directory permission settings
Conditional users can set the data, templets and uploads in DedeCms The , html, special, images, and install directories are set to not allow script execution, and writing to other directories is prohibited, making the system safer.
E. It is recommended to download the official program.
F. Server security measures (take Windows 2003 system as an example)
1. Update the system patch to the latest one and turn on automatic updates
2. Install anti-virus software, update the virus database to the latest, and turn on automatic updates
3. Turn on the system’s own firewall and open the ports in the application to filter unnecessary port access
4. Open the tcp/ip security policy and open the ports in the application to filter unnecessary port access
5. Open user and user group management and add IUSR users corresponding to different WEB sites , in order to reduce the permission crisis caused by a site being hacked by permission management
6. Set different permissions for different WEB directories
Example: The corresponding permissions of the WebSiteA directory are generally system/administrators Full permission IUSR_websiteA read-only permission
The subdirectory under WebsiteA is assigned the write and run permission of IUSR_websiteA according to the needs of the DedeCMS program. For details, see the directory permission description at point b above
7. Do not run on the server Install software of unknown origin
8. Do not install any cracked Chinese version of the software on the server. If you really need it, it is recommended to use the original version
9. It is recommended not to install ServU FTP software and use other FTP software, change the FTP port, the user password should not be too simple
10. If not necessary, please try to turn off the remote access function of the service application, such as the remote access of mysql user
11. In view of the above One point, you can use the local security policy function to set the allowed access IP.
12. Using local security policies, you can also effectively reject CC attacks and filter access from source IPs.
13. Please pay attention to timely update patches for all service applications on the server. For example, mssql must be patched, and you must use the genuine version. If you have no conditions, use the regular copied version
14. Server For various applications on the Internet, such as IIS configuration and mysql configuration, please search Baidu and Google for topics on security applications in this area. It is very important to strengthen internal strength.
15. Turn on the access log record of IIS
Recommended learning: 梦weavercms
2. Security check after horse-hanging
If necessary, close the website and enter step-by-step troubleshooting
A. Enter the DedeCMS management background to check whether there are new patches or security reminders that have not been updated in time.
B. Check whether there is corresponding Trojan horse virus code in the source file to confirm whether it is an ARP attack
ARP attack performance: There is no change in the program file, and the attack uses deception to deceive the target gateway. The effect of the client is to achieve the purpose of the client accessing the website to load the Trojan.
ARP attack prevention: Install anti-ARP attack software and other countermeasures on the server, or contact your IDC service provider.
C. Check the directory permissions. For details, see the security measures in the first point.
D. Check every directory in FTP to find suspicious files that have been modified recently.
1. Use Notepad and other tools to open the search. If it is really hacked, you can find it through analysis here.
2. If the entire site is hung, please check the js files called by the entire site first.
3. Find the hung code from the file, copy the key statement part of the code, and open the replacement software to replace or search in batches.
4. The above step requires server control permission. If not, you can only download it and approve it. (This is a prudent approach. If you are confident, you can only check some files or directories)
E. If the above still cannot be solved, then you have to analyze the IISLOG log and trace the source to find the intrusion point.
You can download IISlog analysis software for research.
3. How to seek official help or report safety issues?
1. Check the modification time of Trojans and suspicious files
2. Check the site system log and compare it with the time obtained in point 1 to find out how to hang the Trojan.
3. Please read carefully and understand one or two major points first. If you still cannot solve the problem, please PM the forum for official technical support
The above is the detailed content of How does dedecms prevent being hung?. For more information, please follow other related articles on the PHP Chinese website!