Dream Dedecms 5.3 5.5 version of the Security Settings Summary Guide

Intermediary transaction http://www.aliyun.com/zixun/aggregation/6858.html ">seo diagnose Taobao guest cloud host technology Hall

Starting from today I will mainly write a dream dedecms use of the topic, first of the Dedecms 5.3 5.5 version of the security settings of the summary written out for the use of Dedecms v5.3/5.5 users, if your site data is very important, I suggest that you click the steps to set up your website, as a very important step before starting the site [Dedecms theme: Http://www.qiufengxia.com/dedecms]:

1. Other matters needing attention

(1) Do not use the Web site directly with the MySQL root user permissions, to each site to set up a separate MySQL user account, permission is:

SELECT, INSERT, UPDATE, DELETE

Create, DROP, INDEX, ALTER, create temporary TABLES

Because Dede does not use stored procedures anywhere, you must disable file, execute, and so on to execute stored procedures or file operations.

(2) Although the install directory has been strictly dealt with, but for the sake of security, we still recommend that it be deleted.

2, directory Permissions

We do not recommend the user to set the column directory in the root directory, because this security settings will be very troublesome, by default, after the installation is complete, the directory settings are as follows:

(1) Include, member, plus, admin directory set to executable script, readable, but not writable (with add-on modules installed, book, ask, company, group directory is also set).

(2) Do not need a special topic, it is recommended to delete the special directory, you need to be able to generate HTML, delete the special/index.php and then set this directory to be read-write, not executable permissions.

(3) data, templets, uploads, a or 5.3 HTML directory, set to read-write, not enforceable permissions.

3. How do I set permissions for a directory? For users who will use Linux, I believe most of them already know these things, IIS users, please look at the following figure:

(1) Set the directory to read-only

Replication Permissions

Set to read-only

Setting does not allow script execution

Also note that the problem is that both IIS and Apache do not include. PHP and. inc files in MIME, so the system will prevent downloading of these files.

Some of the above content is for personal server webmaster friends, for other webmaster as long as the first step and the second step can be.

The preliminary preparation of website construction is very important, please treat it seriously!

Author: Qiu Feng Xia

Original address: http://www.qiufengxia.com/archives/36.html

Reprint please indicate the source, thank you very much!