Home > Others

Dedeampz Security Settings Tutorial

Source: Internet
Author: User
Tags root directory
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

First step: Set Apache run permissions.

After the DEDEAMPZ is installed on the windows2003 system, the Apache service is run with the user "system" (Local System account). This leaves a security risk for the server. So, create a new account to run Apache instead of system and set the appropriate permissions.

1. Create an account in Computer Management > Local Users and Groups >, for example: Web, password set to: Yuzhenhai.

2. Open Start > Admin tools > Local Security Policy, select "Log on as service" in User Rights Assignment and add Web users.

3. Computer Management Select Services, find apache2.2, first stop the service, right click > properties, select Login, switch the radio box from the local System account to this account, and then find, select the Web, enter the password Yuzhenhai, Then click OK (this time Apache does not start properly.) )

4. Remove all the disk root directory except Administror and system of all permissions, if the Dedeampz installed in D disk, give D disk users read and run, column directory, read three permissions.

5. Add Full Control to the Web user rights of the Apache installation directory D:dedeampzprogramapach directory.

6. Add Full Control to the Web user rights of the PHP installation directory.

7.php.ini the specified php temporary upload directory and session save directory D:wwwroottmp, give the Web user Full control of permissions.

8. Restart the Apache service. This way, Apache runs under a low privilege user.

Step two: Configure Apache.

1. Let Dedeampz support. htaccess file.

Open the apacheconfhttpd.conf configuration file and find:

Options Indexes

AllowOverride None

Order Allow,deny

Allow from all

Modified to:

Options Indexes FollowSymLinks

AllowOverride All

Order Allow,deny

Allow from all

2. Turn off Apache to list directories automatically.

Options Indexes FollowSymLinks

AllowOverride All

Order Allow,deny

Allow from all

Modified to:

Options FollowSymLinks

AllowOverride All

Order Allow,deny

Allow from all

3. Turn on gzip compression.

Open the Apacheconfhttpd.conf configuration file and add:

Addoutputfilter DEFLATE HTML xml PHP js CSS

4. Load gzip compression module.

Open the Apacheconfhttpd.conf configuration file and add it in the Load module section:

LoadModule Deflate_module modules/mod_deflate.so

Step three: Open some files and folders Full Control permissions.

index.html view uploads data gives the Web user Full control over permissions.

Step Fourth: Close the execution permissions for the directory in step three.

Add in Virtual Host configuration:

<directory "D:dedecmsuploads" >

<filesmatch ". php" >

Order Allow,deny

Deny from all

<directory "D:dedecmsdata" >

<filesmatch ". php" >

Order Allow,deny

Deny from all

<directory "D:dedecmsview" >

<filesmatch ". php" >

Order Allow,deny

Deny from all

This article comes from "Yu Zhenhai net http://www.yuzhenhai.com", reprint please keep this information.

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
wordpress security settings outdated tls security settings chromebook security settings chromebook security settings iphone app security settings php ini security settings iphone app security settings

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More