First, the panel safety issues and thorough inspection
First, install the latest version and timely upgrade
Regardless of which VPS management panel to use, we need to use the latest version, which is similar to our use of Web site CMS The same reason, especially when there are security patches timely patch upgrades to ensure that it is not used.
Second, delete the default file
Users who use the WDCP panel for bulk viewing are the default files that are used to view the "lamp of theLANMP one-click installation package," which will need to be removed in the default directory where our installation is successful.
It's easy to find that we're using the WDCP panel.
Third, modify the WDCP port
The default WDCP installation login panel is the ip:8080 port, and we need to change to a random port so that we don't see the login address.
Four, scheduled backup data
Regular backup data, the general user may not damage the site environment, but there are some direct damage, so we need timely backup data. Make sure you can recover even if you lose it.
thoroughly examines and resolves the WDCP panel security vulnerability Method
For the security problem is more annoying, is certainly need to solve, here the old left to provide solutions, according to their own needs and the actual situation to choose to use.
First, upgrade the latest version
You can refer to the following command to upgrade the latest version
The code is as follows |
Copy Code |
wget http://down.wdlinux.cn/down/wdcp_v2.5.tar.gz
Tar zxvf wdcp_v2.5.tar.gz-c/
|
Second, check the database and suspicious files
If we were to login to the WDCP panel and found that the original admin account was not in, that means we have a problem with security, at least someone came in. We need to check whether the Administrator account has a number of accounts, need to check whether there are redundant database users and Web site files. From the old left to solve a few problems to see, basically are used to raise the right key, according to the method provided by the user Peter needs to check whether the root root directory can be file view. The key in the SSH directory is not added.
Third, reinstall the System Restore site data
For example, the old left yesterday to solve a Taiwan seems to be not completely handled well, if we have the conditions, as far as possible to reinstall the VPS environment, and then move the site back to the past. Of course, you need to modify the security settings according to the previous section.
Second, check the WDCP panel management security vulnerabilities and upgrade WDCP security patches
A-WDCP Panel Background upgrade
This method is directly in the WDCP panel background, we can see the above image of the "Upgrade" connection, old left found not all WDCP old version have this connection, I also wonder why, because there is a customer's machine needs to upgrade I did not find. If it doesn't matter, we can use the following method.
B-SSH Command Upgrade Latest package
The code is as follows |
Copy Code |
wget http://down.wdlinux.cn/down/wdcp_v2.5.tar.gz
Tar zxvf wdcp_v2.5.tar.gz-c/
|
Enter the above command directly, and replace and install the latest files when you enter.
Then we look at the refresh panel to see if it is the latest environment package.
This will at least ensure that the WDCP panel is the latest version. If there is a user in the WDCP panel, check and upgrade quickly. If you find the traffic abnormal after the upgrade, then you only have to redo the system