Teach you how to build a secure Dedecms website

Source: Internet
Author: User

Intermediary transaction http://www.aliyun.com/zixun/aggregation/6858.html ">seo diagnose Taobao guest cloud host technology Hall

Dedecms is the most used building station system for our webmaster, but there are more problems, once there is a station to harm me, at that time just get started SEO, back up what are not understand, not easy to optimize the Web site, one night, there is nothing, you must understand my mood, Then through a variety of data, how to make the dream system more secure, you just do the following, you can ensure that your dream site is not very cattle characters can not invade.

1, download the latest version of the Dream system

No matter what the program, the latest version will be the best, which has played a variety of patch loopholes, the latest version of the repair of a lot of problems, article layout, picture upload, plug-ins and so on.

2, modify the program and directory

  

2.1, this is the Dedecms-v5.7-utf8 of the program directory, you can follow my methods to set up:

The best time to install the database prefix name changed, do not dede_ prefix, arbitrarily change a ljh_ also line;

Installation completed, will be admin this changed, changed to their own special number;

After the installation is complete, be sure to remember to remove install this folder,

If you are simply static Web site, no member registered what the function, you can also delete the directory of members;

Does not need the topic, proposed deletes the special catalogue;

If you do not need the background of the Sqlsql command to remove the dede/sys_sql_query.php file;

Do not need the tag function, please delete the tag.php in the root directory.

2.2, after the deletion of the directory, then the permissions to set up the directory:

Data, Templets, uploads, a directory, set to read and write, can not execute the permissions;

  

2.3, the Data directory path changes

In Dedecms V5.7 users can also set the data directory to the previous level of non-Web Access directory, the basic operation is as follows:

2.3.1, move the data directory to the parent directory, cut the past directly, and then configure the Dededata file in include/common.inc.php:

Find these 16 lines: Define (' Dededata ', dederoot. /data '); replaced by: Define (' Dededata ', Dederoot. ') /.. /.. /data ');

2.3.2, background settings template cache path:

Login to the background, find: System-"system basic Parameters-" performance options, modify the template cache directory:

  

The data directory is set up here.

2.4, change Dede directory name, that is, the background of the directory, casually replaced what, only you know, and login name, password, the more complex the better.

3, the installation of security Plug-ins:

360 Web site Security monitoring is a very powerful tool, I am using this, mainly including vulnerability monitoring, backdoor killing, such as the repair of loopholes.

3.1, the installation of loopholes to repair plug-ins, the main role: to repair the Web site vulnerabilities, real-time monitoring hacker attacks, installation methods are as follows:

1, download the PHP version of the repair plug-ins;

2, extract to the site root directory;

3, find the data directory inside the common.inc.php, in

4. Installation complete.

3.2, the installation of the back door to detect tools: installed to the site, you can carry out the back door to the site, so that hackers left behind the backdoor can not hide, installation methods are as follows:.

1, download the PHP version verified tools;

2, the file will be extracted and uploaded to the site root directory;

3, visit http://your website/360scan.php, confirm the installation is successful.

4, FTP considerations:

Please keep the ftp password of the space properly. and password must be complex, regularly modify the FTP password and so on. If your own server is on its own, be sure to do a good job of server security maintenance.

The preparation of the work is similar, it is best to recommend the use of pure static HTML files, and often pay attention to the major security sites, testing their own site security performance, to the website of the dream of the download patch, do a good job of the above, as long as not very cattle characters, is not invaded. This article by: Hua Yan medical cosmetology http://www.huayan.cd in A5 original start, reprint please keep the link, thank you!

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.