Dream Dedecms 5.3 5.5 version of the Security Settings Summary Guide

Source: Internet
Author: User

Intermediary transaction http://www.aliyun.com/zixun/aggregation/6858.html ">seo diagnose Taobao guest cloud host technology Hall

Starting from today I will mainly write a dream dedecms use of the topic, first of the Dedecms 5.3 5.5 version of the security settings of the summary written out for the use of Dedecms v5.3/5.5 users, if your site data is very important, I suggest that you click the steps to set up your website, as a very important step before starting the site [Dedecms theme: Http://www.qiufengxia.com/dedecms]:

1. Other matters needing attention

(1) Do not use the Web site directly with the MySQL root user permissions, to each site to set up a separate MySQL user account, permission is:

SELECT, INSERT, UPDATE, DELETE

Create, DROP, INDEX, ALTER, create temporary TABLES

Because Dede does not use stored procedures anywhere, you must disable file, execute, and so on to execute stored procedures or file operations.

(2) Although the install directory has been strictly dealt with, but for the sake of security, we still recommend that it be deleted.

2, directory Permissions

We do not recommend the user to set the column directory in the root directory, because this security settings will be very troublesome, by default, after the installation is complete, the directory settings are as follows:

(1) Include, member, plus, admin directory set to executable script, readable, but not writable (with add-on modules installed, book, ask, company, group directory is also set).

(2) Do not need a special topic, it is recommended to delete the special directory, you need to be able to generate HTML, delete the special/index.php and then set this directory to be read-write, not executable permissions.

(3) data, templets, uploads, a or 5.3 HTML directory, set to read-write, not enforceable permissions.

3. How do I set permissions for a directory? For users who will use Linux, I believe most of them already know these things, IIS users, please look at the following figure:

(1) Set the directory to read-only

Replication Permissions

  

Set to read-only

  

Setting does not allow script execution

  

Also note that the problem is that both IIS and Apache do not include. PHP and. inc files in MIME, so the system will prevent downloading of these files.

Some of the above content is for personal server webmaster friends, for other webmaster as long as the first step and the second step can be.

The preliminary preparation of website construction is very important, please treat it seriously!

Author: Qiu Feng Xia

Original address: http://www.qiufengxia.com/archives/36.html

Reprint please indicate the source, thank you very much!

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.