5 effective ways to effectively prevent Dedecms from being invaded

Intermediary transaction http://www.aliyun.com/zixun/aggregation/6858.html ">seo diagnose Taobao guest cloud host technology Hall

In the domestic CMS, with the dream Dedecms as a site to build the core of a lot of sites, including medium-sized corporate sites, there are small personal sites, there are more spam sites. The greater the number of users, the more important it is to be secure. Often in the forum to see some stationmaster said their website was hanged horse, data was deleted, more should be hung black link. This afternoon when our company's website was hung black links, responsible for the site to promote the colleagues in the detection of links when the link to see an unknown SF link, and then through the source code to see a large number of black links.

There are a number of reasons for this, such as server security issues, or Web site program vulnerabilities. In view of this itbulu analysis and collation on DEDECMS safety maintenance, put forward 5 effective methods to prevent dedecms from being invaded.

First, server security. Most of our webmaster are used by the virtual host, some people say that we have no way to choose and solve, I think this can still be solved. When we bought the mainframe, can try a few days, the general host can provide a trial service, or ask the host to provide sales host IP to us, we can through the same IP site and related sites to analyze the current server security situation, if you find that many sites are linked with black links, That means server security has a certain problem, the choice of time to consider carefully.

Second, the security settings for the program. We need to set the requirements according to the official dream, do not open all files and folders Read and Write permissions, some folders are set to read-only state, if we are used to do the content system, but not to allow members to participate, we can delete the member folder, because a lot of security is through the members of the right to mention. And we after the installation of the program, to delete the install folder, in the database password and account password to try to be more complex, using numbers, uppercase and lowercase letters, as well as character mix as a password. Web site background path to the default Dede modified to other not easy to guess.

Third, timely upgrade patches. As a dream website, upgrade is also often done, we log in the background of the site, if you see an upgrade reminder, need to update the file in time to prevent the intrusion because no escalation. Generally common security, the official website will be the first time to find, and provide patches, this point if we do it in time, from the point of view of the site is no problem.

Four, the password is set up safely. Whether it is our website password or database password, or FTP login password, we need to set some security. A host friend told me, recently out of what FTP password scanning software, you can directly scan out the weak password, directly through the administrator landing modify the site.

Five, regular data backup. About the security of the site, backup sure everyone knows that everyone will also go back. May start to do the site will also be a serious regular backup, after a long time to forget, also lazy to back up. Wait for the site to have a problem and regret why there is no backup. So regular backup data is any site must do, than just dedecms, generally the best half a month or one months to back up, according to their own site data and importance. Some host Chambers help us back up, like a weekly backup, and a daily backup, which is pretty good.

The above 5 points suggestion, is I thought that effectively prevents the dedecms to be invaded the 5 effective method, hoped has a reference value to everybody.

This article comes from: http://www.itbulu.com/original share, reprint indicate source, thank you.