The first thing to note is that any program is flawed, and we need to do some of the necessary precautions to reduce the damage caused by a program vulnerability. There are many loopholes in dream weaving, and this is a lot of people's ideas. However, if you do a dream-weaving system folder permissions for what settings, a lot of loopholes are not used.
These security measures, weaving dream official has given a lot of tutorials, such as the uploads in the background of the Dream folder to execute PHP file permissions. Today, the main thing is to cancel the Uploads folder permissions under Nginx. If it is in Apache, it can be resolved in. htaccess by the following code:
Rewriteengine on rewritecond%!^ $RewriteRule uploads/(. *). (PHP) $–[f]rewriterule data/(. *). (PHP) $–[f]rewriterule templets/(. *). (PHP) $–[f]
In Nginx, you can edit the Nginx virtual host configuration, add the following code in front of the fastcgi location statement:
Location ~/(images|data|uploads|templets/). *\. ( php|php5|htm)? $
{Deny all;}
This code to cancel the above folder to execute PHP and HTM file permissions, why do you want to cancel the HTM file execution permissions? This is the Dream template anti-theft processing, or in the case of others know templates directory, you can directly download the weaving dream template. About the fabric Dream template anti-theft problem, you can refer to the Dream Dedecms template anti-theft four methods of the article.
The above security settings are only a small part of the Dream security settings, as well as folder permissions issues, but also need to be very good to deal with. Of course, no matter how good the security is, regular backups are necessary.
Weaving dream Dedecms using Nginx security settings