About Website Security

Just a while before I got started, my website has been infected with Trojans, and the basic website has been under attack. I have been busy solving this problem. Today, I have made some achievements, so I will share with you. If you have any good methods, please teach me. these two days have a headache. the general situation of the website is that the blog system developed by dede + smarty + dz, Baidu and Google have a weight of about 5, so the access volume is relatively large. Dede is widely recognized as having many vulnerabilities and has been developed again. Therefore, it is impossible to find a vulnerability in a short time. If you have friends or the like, you can let them detect it together. After all, it is too troublesome for a person, or add my QQ2387813033. website Directory Security 1> 777 permissions can be set for all directories, css and images files, and css can be set for read and write permissions without execution permissions. If css is changed frequently, write permissions are granted, the image file can only be read, removing all write permissions for PHP files that do not need to be changed frequently, no chance for attackers to write code into php. 2. They often scan for files with special suffixes or newly uploaded files. Check the source code, especially the suffix of inc. 2. website Security Detection 1> 360 website security detection, which is quite helpful, but I don't know if 360 has any other ideas. Haha has detected a repair prompt. 2> write a script to detect trojan files on the website. There are also trojans on the Internet. You can find a trojan file without a backdoor, upload it, and check it yourself. This is quite good. Clear the source code and delete the trojan file. 3> use the upload injection software such as DOMAIN3.5 to test the website. 3. Modify server configuration to add security 1> prohibit some directories from executing PHP files in the apache configuration file, such as uploads/and html. The following is an example:

<Directory "/usr/local/apache2/htdocs/uploads"> <Files ~ ".php"> Order allow,deny Deny from all </Files> </Directory> 

 

2> some directories that do not require access from others are also directly prohibited. 3> modify disable_functions of php. ini to add prohibited functions, as shown in figure

system,exec,shell_exec,passthru,proc_open,proc_close, proc_get_status,checkdnsrr,getmxrr,getservbyname,getservbyport, syslog,popen,show_source,highlight_file,dl,socket_listen,socket_create,socket_bind,socket_accept, socket_connect, stream_socket_server, stream_socket_accept,stream_socket_client,ftp_connect, ftp_login,ftp_pasv,ftp_get,sys_getloadavg,disk_total_space, disk_free_space,posix_ctermid,posix_get_last_error,posix_getcwd, posix_getegid,posix_geteuid,posix_getgid, posix_getgrgid,posix_getgrnam,posix_getgroups,posix_getlogin,posix_getpgid,posix_getpgrp,posix_getpid, posix_getppid,posix_getpwnam,posix_getpwuid, posix_getrlimit, posix_getsid,posix_getuid,posix_isatty, posix_kill,posix_mkfifo,posix_setegid,posix_seteuid,posix_setgid, posix_setpgid,posix_setsid,posix_setuid,posix_strerror,posix_times,posix_ttyname,posix_uname 

 

4. Other Methods 1. Install patches, especially dede 2. Frequently modify the server account password, ftp account password, it is best to use sftp 3. It is best to close the file manager in the dede background, and restore the dede database backup. And all the image uploads in the article are filtered. Other formats, especially php files, cannot be uploaded. 4. I don't know much about linux servers. I will discuss it with you later.