Intermediary transaction http://www.aliyun.com/zixun/aggregation/6858.html ">seo diagnose Taobao guest cloud host technology Hall
The most important three dream-weaving security settings.
Dream Web site management system as one of the most mainstream web site management system, the market share is very high. And a lot of small and medium-sized webmaster to dream of the security settings do not do enough to give hackers an opportunity. Often have friends complained that their website was hung black chain or Trojan horse. This article details three important dream-weaving security settings for the general Webmaster Friend Reference.
1. Change the location of the data directory of Dream Weaving.
The data directory is used to store some important configuration files of the dream system, and it should be protected. The following steps are:
1 Create a new directory for the data directory, such as MYDATAABC, to move the data directory to the directory. So the full directory of data becomes/mydataabc/data
2 Modify the configuration file include/common.inc.php, find the statement define (' Dededata ', Dederoot. ') /data '); Modified to define (' Dededata ', dederoot.) /mydataabc/data ');
3) Adjust the location of the verification code picture: Modify the file/include/vdimgck.php (the red part is the modified code)
Change related code to
Require_once (DirName (__file__). /.. /mydataabc/data/safe/inc_safe_config.php ');
Require_once (DirName (__file__). /.. /mydataabc/data/config.cache.inc.php ');
$config = Array (
' Font_size ' => 14,
' Img_height ' => $safe _wheight,
' Word_type ' => (int) $safe _codetype,//1: Number 2: English 3: Word
' Img_width ' => $safe _wwidth,
' Use_boder ' => TRUE,
' Font_file ' => dirname (__file__). ' /data/fonts/ggbi.ttf ',
' Wordlist_file ' => dirname (__file__). ' /data/words/words.txt ',
' Filter_type ' => 5);
$sessSavePath = DirName (__file__). /.. /mydataabc/data/sessions/";
2. Delete unnecessary system files:
In the plus directory, the dream system provides a wide range of system programs that can be used. These system files can be simplified appropriately.
For example, my love Easy Design website Construction Studio site, only retained such a few files, mytag_js.php ad_js.php (advertising display), count.php (article Access count), search.php (article search), feedback.php feedback_ajax.php feedback_js.php (comments), list.php (channel dynamic page), and other PHP files in the plus directory are all deleted.
In the Dede directory, you can delete several files for background file management: file_manage_control.php, file_manage_main.php, file_manage_view.php, media_add.php, media_edit.php, media_main.php.
You do not need a member system Web site, you can delete the Members folder.
Sites that do not require a topic can delete the special folder.
3, reasonable set of sensitive directory permissions
Prohibit the execution of data and upload directory: That is, right-click the directory in FTP, select Properties, set permissions to 666.
The above dream setting is very important to the safety of the dream system, and many webmaster friends are not familiar with these operations. I hope this article to the vast number of webmaster Friends of the dream of weaving Web site security Help! This article by the Love Easy Design Studio www.iesheji.com original release, reprint please keep this site link, thank you.