[Windows Server 2012] Jackie CMS security settings

★ Welcome to The Guardian God · V Classroom, website address: http://v.huweishen.com
★ Guardian God · V Classroom is a Web site dedicated to providing server instructional video for the Guardian God, updated weekly video.
★ This section we will lead you: Jieqi CMS security settings.
This section is mainly about Jieqi cms How to prevent hackers to upload Trojan horse and on the site, as for the installation of Jieqi CMS is not described in this section
Range!
This section of the Jieqi CMS system has been installed, the URL is: http://localhost/, website installation directory:
D:\wwwroot\jieqicms1.70\web

It is important to note that:
• This section applies to servers or cloud hosts, and if you are using a virtual host, you cannot use the following methods to resolve security issues;
• Fortunately, you can use the Nine Network connected "safe host" to solve the Jieqi CMS security problem; "Ping An host" is a national
The only one can be 100% anti-hanging horse virtual host products.

Below we start to do jieqi CMS security settings.

1, if your site has the ability to generate home page HTML, please sir into the homepage HTML.

2. Create a website run account: Hws_jieqi
This account can only belong to the Guests group, password please do not too simple, otherwise easy to become a hacker exploit the loophole!

3, set Jieqi CMS site folder permissions, can only have the following permissions:
Administrators and System: Full Control permissions
Iis_iusrs and Hws_jieqi: Read permissions
Hws_jieqi: Traverse Folder/Execute file (applies only to: This folder and subfolders)
4, increase the subdirectory permissions, the following are only to increase the permissions of Hws_jieqi.
/cache/: Write/delete (Web cache path, can be modified in the background of the website)
/compiled/: Write/delete (compile file save path, can be modified in the background of the website)
/files/: Write/delete (need to modify novel information, generate novel pages, etc.)
Home file: index.html Write, delete (background generated home page required)

5. Set up IIS
Set up anonymous accounts
Remove the/cache/script execution permission
Remove the/compiled/script execution permission
Remove the/files/script execution permission

6. Testing the website
Site access is normal, background generation static normal.

At this point, the Jieqi CMS security settings have been completed, after Setup, although the hacker may also upload Trojan, but can not run
Has greatly improved the site's security.
If you can work with security aids again, the level of security can continue to improve.

7. Safety Aid Tools
Recommended to use the "security kit" developed by the Guardian God;
Block from system vulnerabilities, software vulnerabilities, Web site vulnerabilities and other aspects of intrusion; fully address the various security threats to servers and websites
。
We demonstrate one of the modules: Web password lock as the name implies, is to set a password on the Web page, only through the password authentication to
To access the Web page, mainly used in the background of the site.
The advantage is that even if our back-end account and password are hacked, hackers will not be able to access our backstage.

Now that this section is over, please visit the Guardian God website (www.huweishen.com) for more instructional videos.

Reprint please indicate the source (http://v.huweishen.com/video/52.html) Thank you!

[Windows Server 2012] Jackie CMS security settings