Although the title of this article is Pjblog security settings, in fact, for any Web site procedures are applicable,
Flexibility is OK.
The following is the text:
First, set the directory security for Pjblog in IIS. It is recommended that you first create a new independent user name in the user group, be attributed to the guest group, or rebuild a group. For example, I'm here named Daokers.cn, You can set up a complex password to create a good user we will be able to set the security of the Pjblog site in IIS, first select the Pjblog site Directory, right-click, properties, come to the property box "Directory Security", click "Authentication and Access Control" edit, Pop-up "authentication Method" dialog box To enable anonymous access. Click the "Tour" button behind the username, pop the "Select User" dialog box, click "Advanced", select "Find Now" in the dialog box, select the user daokers.cn just created in the list below and only enter the password you set when you previously created the user.
Second, then return to the site's property box, click on the home directory, to the local directory only set Read permissions, the application set "script-only" permissions.
Cancels the "pure script" permission for directories such as Article,attachments,images,skins, giving only Read permissions.
Cancels all read and Execute script permissions for the database Blogdb folder.
Third, after the IIS directory is set up, set permissions on the folder where the site is stored. Right-click the Site folder, select Properties, click Add on the Security tab, add the user you want to start adding anonymous users, set read permissions, and secure access to the entire site.
To ensure the normal operation of the site, many have a lot of data written, here attention to open these directory write permission, open article,attachments,backup,cache,post Write permission, if you want to edit plug-ins and skin words also want to open plugins, Write permissions for the skins directory and plugins.asp.
Here, without the help of third party software can basically guarantee the security of this site, give attachments upload directory Write permission, while canceling script execution permissions.
If you want to achieve greater security effects, we can combine the active defense software to monitor each file, do not allow IIS to illegally modify and add files, so as to achieve the purpose of preventing black and hanging horses.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
