How to prevent Dedecms from being hacked
How to prevent Dedecms from being hacked?
What troubles many webmasters is that the websites they build using dedecms are often hacked inexplicably, resulting in pages full of black links, which is infuriating; even more seriously, there may be Being punished by search engines, the site that I worked so hard to build saw its weight decrease, its inclusion decrease, and it was even K.
Recommended study: 梦Weavercms
In fact, I am a grassroots person. After being invaded by several sites and actively invading other sites, I came to the experience: for dedecms to hang the horse, We can definitely prevent it before it happens. Today, based on my own experience, the author will talk to the majority of dede enthusiasts about how to prevent dedecms from being hacked:
1 Server security This is the most fundamental prevention.
If you are an independent host, I believe you have taken this into consideration when setting up the server. The latest version of anti-virus and anti-virus software must be installed on the server, updated in time, and the security permissions of the server must be set so that Trojans cannot find the door to invade. As for how to set it up, you can search a lot online; if you are renting a virtual host, you need to keep your eyes open and check carefully. Some current IDC agents only care about money but not people. Choosing a good space provider will give you a safer space to build your website. Even if something goes wrong, it will be solved as soon as possible. You must know that some problems on the site cannot be postponed, especially if the site is maliciously linked. If you pay attention, you may be K-sited. I heard that the A5 console is pretty good, so I’ll give it a try if I get the chance.
2 Dedecms security settings under windows host After downloading and installing the program, the first thing to do is to set the directory permissions, so that even if the Trojan breaks through the server's restrictions, we will not let it find a way to further damage. If you are a Windows host, the directory permissions can be set like this: (1) For the data, templets, uploads, and a directories, set readable, writeable, and non-executable permissions; (2) If you do not need a special topic, it is recommended to delete the special directory. If necessary, you can After generating HTML, delete special/index.php and set the directory to be readable, writable, but not executable; (3) include, member, plus, and background management directories are set to executable scripts, readable, but not writable. (If additional modules are installed, the book, ask, company, and group directories are also set up in this way). In addition, it is recommended to delete the install directory and not directly use the MySQL root user permissions on the website. Set up an independent MySQL user account for each website. The permissions are: SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER, CREATE TEMPORARY TABLES. Since DEDE does not use stored procedures anywhere, be sure to disable FILE, EXECUTE, etc. permissions to perform stored procedures or file operations.
3 After setting the directory permissions for the program update patch, let the website backend, don’t be busy adding columns and documents, check the system homepage to see if there are any patch prompts for upgrading and updating. If there is, don’t hesitate, hurry up. Put it on. If you are using an older version of the program and the patch prompt is for the latest version, it is recommended to reinstall the latest version of the program. Now dede has released V5.6, which is more secure than the previous version. Friendly reminder: Don’t forget to back up important data before upgrading the program, including pictures, templates, etc.
4 Rename the backend directory. After dede is installed, the default backend directory is dede. This makes it easy for people to guess the backend address, which is extremely unsafe. Change it to something more complex, preferably not something easy to guess like a website name.
5 Complicated FTP passwords If your FTP password is very simple, it is easy to be guessed by some FTP weak password software. Therefore, try to make the FTP password as complex as possible, preferably a combination of letters and numbers, more than 10 digits, so that those cracking programs will crash.
6 The last point is data backup. In fact, even if we take strict precautions, we can't completely prevent being hooked. As the saying goes, the higher the road, the higher the devil! Therefore, your website data must be backed up frequently. In this way, even if the website is hacked, the data can be restored by reinstalling the program to minimize the loss. After all, data is the most valuable wealth of webmasters.
Okay, the above 6 points are all summaries of my experience in practice. Next time I will write an article about how to deal with dedecms after it hangs.
The above is the detailed content of How to prevent Dedecms from being hacked. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1387
52
Where is the imperial cms resource network template?
Apr 17, 2024 am 10:00 AM
Empire CMS template download location: Official template download: https://www.phome.net/template/ Third-party template website: https://www.dedecms.com/diy/https://www.0978.com.cn /https://www.jiaocheng.com/Installation method: Download template Unzip template Upload template Select template
How dedecms implements template replacement
Apr 16, 2024 pm 12:12 PM
Template replacement can be implemented in Dedecms through the following steps: modify the global.cfg file and set the required language pack. Modify the taglib.inc.php hook file and add support for language suffix template files. Create a new template file with a language suffix and modify the required content. Clear Dedecms cache.
How to upload local videos to dedecms
Apr 16, 2024 pm 12:39 PM
How to upload local videos using Dedecms? Prepare the video file in a format that is supported by Dedecms. Log in to the Dedecms management backend and create a new video category. Upload video files on the video management page, fill in the relevant information and select the video category. To embed a video while editing an article, enter the file name of the uploaded video and adjust its dimensions.
What website can dedecms do?
Apr 16, 2024 pm 12:24 PM
Dedecms is an open source CMS that can be used to create various types of websites, including: news websites, blogs, e-commerce websites, forums and community websites, educational websites, portals, other types of websites (such as corporate websites, personal websites, photo album websites, video sharing website)
How to use dedecms
Apr 16, 2024 pm 12:15 PM
Dedecms is an open source Chinese CMS system that provides content management, template system and security protection. The specific usage includes the following steps: 1. Install Dedecms. 2. Configure the database. 3. Log in to the management interface. 4. Create content. 5. Set up the template. 6. Manage users. 7. Maintain the system.
What loopholes does dedecms have?
Aug 03, 2023 pm 03:56 PM
DedeCMS is an open source content management system that has some potential vulnerabilities and security risks: 1. SQL injection vulnerability. Attackers can perform unauthorized operations or obtain sensitive data by constructing malicious SQL query statements; 2. File Upload vulnerability, attackers can upload files containing malicious code to the server to execute arbitrary code or obtain server permissions; 3. Sensitive information leakage; 4. Unauthenticated vulnerability exploitation.
Accurate and reliable dedecms conversion tool evaluation report
Mar 12, 2024 pm 07:03 PM
Accurate and reliable dedecms conversion tool evaluation report With the rapid development of the Internet era, website construction has become one of the necessary tools for many companies and individuals. In website construction, using a content management system (CMS) can manage website content and functions more conveniently and efficiently. Among them, dedecms, as a well-known CMS system, is widely used in various website construction projects. However, sometimes we are faced with the need to convert the dedecms website to other formats, in which case we need to use a conversion tool
A simple way to learn dedecms encoding conversion function
Mar 14, 2024 pm 02:09 PM
Learning dedecms encoding conversion function is not complicated. Simple code examples can help you quickly master this skill. In dedecms, the encoding conversion function is usually used to deal with problems such as Chinese garbled characters and special characters to ensure the normal operation of the system and the accuracy of data. The following will introduce in detail how to use the encoding conversion function of dedecms, allowing you to easily cope with various encoding-related needs. 1.UTF-8 to GBK In dedecms, if you need to convert UTF-8 encoded string to G
