Dede security is always worrying, but it is very convenient to build a website, if we use Dede to build a station, we must do a good job of security protection.
The following is a summary of Dede Dream 5.7 Safety protection settings
1, change the administrator name and password, as far as possible to set up a complex, generally uppercase and lowercase letters and special symbols more than 12 bits
2. It is strongly recommended that the data/common.inc.php file attribute be set to 644 (Linux/unix) or read-only (NT);
3, management directory renaming, preferably changed into MD5 form, the best long point, I generally changed to 20-bit size sub-alphanumeric.
4, if the use of HTML can be a plus under the corresponding file and root directory of the index.php to do off (the use of all deleted, you can also delete the tables in the database)
Attach the file description under Plus
If you do not want it in the first place, do the following in the installation version of the plus directory. Delete: Guestbook folder "message board"; Delete: Task folder and task.php "scheduled task control file" Delete: ad_js.php "ads" Delete: bookfeedback.php and bookfeedback_js.php " Book reviews and comments call file, there is an injection vulnerability, unsafe "Delete: bshare.php" share to Plugin "Delete: car.php, posttocar.php and carbuyaction.php" Shopping cart "Delete: comments_frame.php "Invoke comment, presence of security vulnerability" Delete: digg_ajax.php and digg_frame.php "Top" Delete: download.php and disdls.php "Download and Count Statistics" Delete: erraddsave.php "error correction" Delete: feedback.php, feedback_ajax.php, feedback_js.php "comment" Delete: guestbook.php "message" Delete: stow.php "Content Collection" Delete: vote.php "vote"
5, pay attention to the background update notice, check whether to play the latest Dedecms patch
6. After installation, delete the Intstall directory
7, the Management directory file_manage_xxx.php, do not have to do, this is not very safe, at least into the background to upload the pony is very convenient
8, download the release function (Management directory soft__xxx_xxx.php), do not have to be done, this is also relatively easy to upload pony
Dede 5.7 Safety protection settings
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
