This article mainly introduces destoon's use of Rewrite rules to set website security. For more information, see Rewrite.
To enhance the security of destoon, you need to perform necessary security settings. This article uses Rewrite rule settings to increase website security as an example:
Rule 1:
Blocking non-php extended dynamic files, such as asp and aspx, can prevent backdoor programs with extensions such as asp and aspx from running.
RewriteRule ^ (. *) \. (asp | aspx | asa | asax | dll | jsp | cgi | fcgi | pl) (. *) $/404.php
Rule 2:
The php running permission of the website file directory is blocked. the file directory of the site has the write permission by default. when an unknown vulnerability occurs on the website, it may be written into a backdoor program to prevent php from running, even a backdoor program cannot run.
RewriteRule ^ (. *)/file/(. *) \. php (. *) $/404.php
3.0 and earlier versions need to be added
RewriteRule ^ (. *)/cache/(. *) \. php (. *) $/404.php