A complete guide to hardening a DedeCMS (织梦, "Weaving Dream") site


Many webmasters discover that their site has been compromised and implanted with a Trojan (挂马). In most cases this is not the work of a competitor: attackers use automated tools to scan for and break into vulnerable sites in batches, so any unpatched DedeCMS install is a target whether or not anyone is interested in it specifically. Securing the site before that happens is therefore essential.

DedeCMS installation note: change the default database table prefix

When installing DedeCMS, change the table prefix from the default dede_ to some other lowercase name of your own choosing. The prefix is used in every table name, and a non-default value takes away one free guess from an attacker who is trying to read or modify tables through an SQL injection. This is obscurity rather than a fix, so treat it as one layer among the others below.

After installation, remove all the built-in "backdoors" (call-home hooks) and known weak spots

1. Rename the default admin directory

Purpose: stop attackers from locating the admin login page and going on to brute-force or exploit it.
In the site root you will see a folder named dede; rename it to something unguessable, for example lisanbao.
After that the admin login moves:

Before:
your-domain/dede
Example: lisanbao.com/dede

After:
your-domain/lisanbao
Example: lisanbao.com/lisanbao

2. Edit login_ad.htm

Location: <site root>/<renamed admin folder>/templets/login_ad.htm. Delete the block below. It loads an advertisement script from ad.dedecms.com into the admin login page; any script pulled from a third party into the admin origin runs with the admin page's privileges, so if that host is ever compromised or its domain lapses, the attacker gets JavaScript on your login page.

<!--<script type="text/javascript" src="<?php echo $updateHost;?>/dedecms/loginad.<?php echo $cfg_soft_lang;?>.js"></script>-->
<div class="dede-ad">
  <ul>
    <script type="text/javascript" src="http://ad.dedecms.com/adsview/?action=single&key=ADMCPLOGINAD&charset=GBK"></script>
  </ul>
</div>

3. Edit index_body.htm

Location: <site root>/<renamed admin folder>/templets/index_body.htm. Delete the iframe below; it embeds remotely served ads inside the authenticated admin home page:

<iframe name="showad" src="index_body.php?dopost=showad" frameborder="0" width="100%" id="showad" scrolling="no" marginheight="5"></iframe>

4. Edit module_main.php

File: <site root>/<renamed admin folder>/module_main.php. Comment out the two calls below. They report every plugin install or uninstall to the DedeCMS website; if your server is slow, or does not support outbound fetching (the "collection"/download function), the request blocks and the admin page hangs. There is no reason for your admin panel to phone home, so remove them.

Around line 321: //SendData($hash);
Around line 527: //SendData($hash, 2);

5. Edit flink.lib.php

File: <site root>/include/taglib/flink.lib.php. Remove the branch below. It fetches friend links from a remote source, and on a poorly configured host, or one that does not support outbound fetching at all, it is likely to hang the page:

else if ($typeid == 999) {}

6. Edit dedemodule.class.php

File: <site root>/include/dedemodule.class.php. Ever wondered why the module manager is always slow to open? This is the cause: every 30 minutes it contacts the official website to check for a new version, so on a host that does not support outbound fetching, or is simply underpowered, the page freezes. Change this:

if (file_exists($cachefile) && (filemtime($cachefile) + 60 * 30) > time())

to this, so the cached module list is used whenever it exists and is non-trivial, and the remote check is never triggered:

if (file_exists($cachefile) && filesize($cachefile) > 10)

7. Edit dedesql.class.php

File: <site root>/include/dedesql.class.php. Remove the code below. It silently appends a backlink to your site. The two arrays are just ASCII codes: $arrs1 decodes to cfg_powerby, and $arrs2 decodes to  <a href=http://www.dedecms.com target='_blank'>Power by DedeCms</a>. The "special operation" block then appends that HTML to $GLOBALS['cfg_powerby'], the configuration value your templates print as the "powered by" text. The hex encoding exists only to keep the link from showing up in a plain-text search of the source.

$arrs1 = array(0x63,0x66,0x67,0x5f,0x70,0x6f,0x77,0x65,0x72,0x62,0x79);
$arrs2 = array(0x20,0x3c,0x61,0x20,0x68,0x72,0x65,0x66,0x3d,0x68,0x74,0x74,0x70,0x3a,0x2f,0x2f,
               0x77,0x77,0x77,0x2e,0x64,0x65,0x64,0x65,0x63,0x6d,0x73,0x2e,0x63,0x6f,0x6d,0x20,
               0x74,0x61,0x72,0x67,0x65,0x74,0x3d,0x27,0x5f,0x62,0x6c,0x61,0x6e,0x6b,0x27,0x3e,
               0x50,0x6f,0x77,0x65,0x72,0x20,0x62,0x79,0x20,0x44,0x65,0x64,0x65,0x43,0x6d,0x73,
               0x3c,0x2f,0x61,0x3e);

The "special operation" block:

if (isset($GLOBALS['arrs1'])) {
    $v1 = $v2 = '';
    for ($i = 0; isset($arrs1[$i]); $i++) { $v1 .= chr($arrs1[$i]); }
    for ($i = 0; isset($arrs2[$i]); $i++) { $v2 .= chr($arrs2[$i]); }
    $GLOBALS[$v1] .= $v2;
}
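As an added example (not code from the original post or from DedeCMS itself), the script below scans a set of DedeCMS source files for the hooks described in sections 2 to 7 and decodes the chr()-array obfuscation from section 7 so the injected string becomes visible. The regular expressions are built from the snippets quoted above; the file contents in SAMPLE_FILES are constructed stand-ins, not real DedeCMS sources, and the function names are mine. Note that the commented-out SendData() line in the "patched" sample produces no hit, so the same scanner can be rerun after the edits to confirm they were applied.

```python
import re

# (section in the post, description, regex). Patterns come from the snippets
# the post quotes; the sample files further down are constructed for this demo.
HOOK_PATTERNS = [
    ("2", "login page loads an ad script from ad.dedecms.com",
     re.compile(r"ad\.dedecms\.com/adsview")),
    ("3", "admin home page embeds a remote-ad iframe",
     re.compile(r"dopost=showad", re.I)),
    ("4", "plugin install/uninstall is reported to the vendor via SendData()",
     re.compile(r"^[ \t]*SendData\s*\(\s*\$hash", re.M)),   # a leading // defeats this
    ("5", "friend-link tag fetches remote links when typeid is 999",
     re.compile(r"\$typeid\s*==\s*999")),
    ("6", "module list is re-fetched from the vendor once the cache times out",
     re.compile(r"filemtime\s*\(\s*\$cachefile\s*\)\s*\+")),
    ("7", "chr()-array obfuscated backlink injection",
     re.compile(r"\$GLOBALS\s*\[\s*['\"]arrs1['\"]\s*\]")),
]

# $arrsN = array(0x63, 0x66, ...);  the obfuscation style used in dedesql.class.php
CHR_ARRAY = re.compile(r"\$(arrs\d+)\s*=\s*array\s*\(([^)]*)\)", re.I)


def decode_chr_array(body: str) -> str:
    """Rebuild the string the PHP chr() loop would produce from '0x63,0x66,...'."""
    return "".join(chr(int(tok, 0)) for tok in body.split(",") if tok.strip())


def scan_source(path: str, source: str):
    """Return ([(section, path, description), ...], {array_name: decoded_string})."""
    hits = [(sec, path, desc) for sec, desc, pat in HOOK_PATTERNS if pat.search(source)]
    decoded = {name: decode_chr_array(body) for name, body in CHR_ARRAY.findall(source)}
    return hits, decoded


def audit(files):
    """Scan a {path: source} mapping and aggregate hits and decoded arrays."""
    all_hits, all_decoded = [], {}
    for path, source in files.items():
        hits, decoded = scan_source(path, source)
        all_hits.extend(hits)
        all_decoded.update(decoded)
    return all_hits, all_decoded


# Constructed stand-ins for the files the post names (not real DedeCMS sources).
SAMPLE_FILES = {
    "dede/templets/login_ad.htm":
        '<script type="text/javascript" src="http://ad.dedecms.com/adsview/'
        '?action=single&key=ADMCPLOGINAD&charset=GBK"></script>',
    "dede/templets/index_body.htm":
        '<iframe name="showad" src="index_body.php?dopost=showad"></iframe>',
    "dede/module_main.php":
        "    SendData($hash);\n",
    "dede/module_main.patched.php":          # commented out as the post advises
        "    //SendData($hash);\n",
    "include/dedemodule.class.php":
        "if(file_exists($cachefile) && (filemtime($cachefile) + 60 * 30) > time())\n",
    "include/dedesql.class.php":
        "$arrs1 = array(0x63,0x66,0x67,0x5f,0x70,0x6f,0x77,0x65,0x72,0x62,0x79);\n"
        "$arrs2 = array(0x20,0x3c,0x61,0x20,0x68,0x72,0x65,0x66,0x3d,0x68,0x74,0x74,0x70,\n"
        "0x3a,0x2f,0x2f,0x77,0x77,0x77,0x2e,0x64,0x65,0x64,0x65,0x63,0x6d,0x73,0x2e,0x63,\n"
        "0x6f,0x6d,0x20,0x74,0x61,0x72,0x67,0x65,0x74,0x3d,0x27,0x5f,0x62,0x6c,0x61,0x6e,\n"
        "0x6b,0x27,0x3e,0x50,0x6f,0x77,0x65,0x72,0x20,0x62,0x79,0x20,0x44,0x65,0x64,0x65,\n"
        "0x43,0x6d,0x73,0x3c,0x2f,0x61,0x3e);\n"
        "if(isset($GLOBALS['arrs1'])) { $GLOBALS[$v1] .= $v2; }\n",
}

if __name__ == "__main__":
    hits, decoded = audit(SAMPLE_FILES)
    for sec, path, desc in hits:
        print(f"[section {sec}] {path}: {desc}")
    for name, text in decoded.items():
        print(f"{name} decodes to: {text!r}")
```

To run it against a real install, replace SAMPLE_FILES with a walk over the web root that reads each .php and .htm file into the mapping; the regexes are deliberately loose about whitespace so minor version differences in the DedeCMS sources still match.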

8. Rename the default data directory

Rename the data folder, for example to data#7080. This is a key step.
The data directory of DedeCMS holds the site's basic configuration files (including the database connection settings) and cached data, so it is the primary target of an intrusion.
After renaming it, create a .htaccess file inside data#7080 with the single line deny from all. This only takes effect on Apache with AllowOverride enabled; on other web servers, block the directory in the server configuration instead.
Then edit the home page /index.php and the global include file /include/common.inc.php, replacing every /data with /data#7080.
Finally do a search-and-replace of /data with /data#7080 across the whole project, with "match whole word" ticked.
(Note that /include/data is a separate directory. If you do not rename it to /include/data#7080 as well, check each replacement by hand so that references to it are not broken.)

Remove unnecessary files to reduce the attack surface

Delete the install folder in the site root.
Delete the member folder (the membership feature) in the site root.
In the plus folder in the site root, delete every PHP file except list.php, view.php and count.php.
Delete the special folder (the special-topics feature) in the site root.
Delete the company folder (the enterprise module) in the site root.

The following files in the admin directory are the backend file manager and media manager. They are redundant and have the greatest impact on security, because a file manager reachable from the web is exactly what an attacker wants once they hold any admin session:
file_manage_control.php file_manage_main.php file_manage_view.php media_add.php media_edit.php media_main.php

If you do not need the SQL command runner, delete dede/sys_sql_query.php.
If you do not need the tag feature, delete tag.php from the root. If you do not need digg (voting), delete digg.php and diggindex.php from the root.
The software-download publishing feature (soft__xxx_xxx.php under the admin directory) can also be deleted; it is another easy way to upload a small web shell ("pony").

Security settings inside the admin backend

Turn on the CAPTCHA for the admin login, delete the default admin account (username admin), and create a dedicated account with a complex username and password instead.

Disable any features you do not use, such as membership and comments, in the backend.

Other precautions

1. Watch for security patches released by the official DedeCMS site and apply them promptly.
2. The official DedeCMS site has published a general security-protection code. I have posted it in the thread; members of the official site can see it.
3. The safest approach: generate the HTML locally and upload only the static files to the hosting space. With no dynamic content at all it is theoretically the safest setup, though maintenance is more troublesome.
4. Keep checking your own site. Having hidden black-hat links inserted is the trivial case; having a Trojan planted or the whole program deleted is disastrous, and with bad luck your search rankings go with it. So remember to back up your data regularly.
5. Forbid script execution in certain directories, such as uploads and the directory where static pages are generated.
6. For directories in the backend that do need to execute PHP, remove write permission for the anonymous web-server user.
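The script below is an added example and not part of the original post. It applies the deletions listed under "Remove unnecessary files" and the no-script-execution rule from item 5 above to a DedeCMS web root, then audits the result. The folder and file names are the ones the post names; the sample tree it builds, the extra plus/ stubs (ad_js.php, mytag_js.php, download.php), the name html for the static-output directory and the function names are all constructed for this demonstration. It does not attempt the data-directory rename from step 8, which needs the accompanying source edits, but it does drop the deny-all .htaccess into data that that step prescribes.

```shell
#!/bin/sh
# Added example (not from the original post). Removes the modules the post says
# an ordinary DedeCMS site does not need, blocks PHP execution in upload and
# static-output directories, and audits the result. The tree built by
# make_sample_tree is constructed for demonstration; names marked "assumed"
# are not taken from the post.

# Build a constructed, minimal DedeCMS-like tree so the script runs offline.
make_sample_tree() {
    root="$1"
    for d in install member special company plus uploads html data; do
        mkdir -p "$root/$d"
    done
    # list/view/count.php are the three the post keeps; the rest are stand-ins.
    for f in list.php view.php count.php ad_js.php mytag_js.php download.php; do
        printf '<?php // constructed stub\n' > "$root/plus/$f"
    done
    for f in tag.php digg.php diggindex.php index.php; do
        printf '<?php // constructed stub\n' > "$root/$f"
    done
}

# Apply the post's deletions and web-server rules to the web root in $1.
harden_dede() {
    root="$1"
    rm -rf "$root/install" "$root/member" "$root/special" "$root/company"
    for f in "$root"/plus/*.php; do
        case "$(basename "$f")" in
            list.php|view.php|count.php) ;;   # keep the three the post allows
            *) rm -f "$f" ;;
        esac
    done
    rm -f "$root/tag.php" "$root/digg.php" "$root/diggindex.php"
    # uploads/ holds user files, html/ (assumed name) holds generated pages;
    # refuse to serve any PHP dropped there (Apache 2.2 syntax, as in the post).
    for d in uploads html; do
        mkdir -p "$root/$d"
        cat > "$root/$d/.htaccess" <<'EOF'
<FilesMatch "\.(php|php3|php4|php5|phtml|pht|phps)$">
    Order allow,deny
    Deny from all
</FilesMatch>
EOF
    done
    # The data directory (config and cache) must never be web-readable at all.
    printf 'Order allow,deny\nDeny from all\n' > "$root/data/.htaccess"
}

# Return 0 when every hardening step is in place, 1 otherwise (with reasons).
audit_dede() {
    root="$1"
    ok=0
    for d in install member special company; do
        [ -e "$root/$d" ] && { echo "still present: $d/"; ok=1; }
    done
    for f in "$root"/plus/*.php; do
        [ -e "$f" ] || continue
        case "$(basename "$f")" in
            list.php|view.php|count.php) ;;
            *) echo "extra plus/ script: $(basename "$f")"; ok=1 ;;
        esac
    done
    for d in uploads html data; do
        grep -q 'Deny from all' "$root/$d/.htaccess" 2>/dev/null \
            || { echo "no deny rule in $d/"; ok=1; }
    done
    return $ok
}

# Demo on a throwaway tree.
demo_root=$(mktemp -d)
make_sample_tree "$demo_root"
harden_dede "$demo_root"
audit_dede "$demo_root" && echo "hardening verified in $demo_root"
rm -rf "$demo_root"
```

Run audit_dede on its own from cron against the real web root; a non-zero exit with a "still present" or "extra plus/ script" line is an early sign that an upgrade or an attacker has put removed files back.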

Source: http://lisanbao.moonseo.cn/?p=579

