Zhimeng (DedeCMS) security setup guide
2022-04-23 16:46:00 【Flower less venerable】
Many people who have installed DedeCMS (Zhimeng, "dream weaving") worry about its security: sites often get trojaned (malicious code planted in pages), have hidden links injected, and so on. Dream Weaving Cat has run into this too. After searching Baidu, I have summarized some ways to improve DedeCMS security. The settings below can significantly improve it.
It is recommended to install the Zhimeng (DedeCMS) safety assistant.
I. The basics (60 points)
Complete the settings in this basic chapter and, congratulations, your DedeCMS security gets a passing grade. Conversely, if you skip the basics, your website is in jeopardy.
1 Delete unnecessary directories
After installing DedeCMS, delete the install directory immediately. If you do not need the member or special-topic features (99% of users never use them), you can also delete the member and special directories.
2 Delete unnecessary files
In the plus directory, it is recommended to keep only the following files: ad_js.php, count.php, list.php, search.php, view.php. Delete all the rest.
The functions of the files in the plus folder are shown in the following table. Anything you do not use can be deleted.
| File name | Description | Recommendation |
|---|---|---|
| guestbook folder | Guestbook (message board) | Delete |
| img folder | Images | Delete |
| task folder | Scheduled tasks | Delete |
| ad_js.php | Serves advertisements. If your advertisements are not set up through "Advertising management" in the admin backend, you can delete the file | Retain |
| advancedsearch.php, heightsearch.php | Advanced search. Normally only search.php is used | Delete |
| arcmulti.php | Asynchronously calls the specified tag list. Not needed, delete it | Delete |
| bookfeedback.php, bookfeedback_js.php | Book review and review call files. They have an injection vulnerability and are unsafe | Delete |
| car.php, posttocar.php, carbuyaction.php | Shopping cart | Delete |
| comments_frame.php | Comment call file, has security vulnerabilities (third-party comment systems are generally used now, not the comments bundled with DedeCMS) | Delete |
| count.php | Counts article views | Retain |
| digg_ajax.php, digg_frame.php | Article upvote/downvote (digg) feature | Delete |
| disdls.php, download.php | Download statistics, download feature | Delete |
| diy.php | Custom forms | Retain |
| erraddsave.php | Article error correction | Delete |
| feedback.php, feedback_ajax.php, feedback_js.php | Comment-related functions | Delete |
| flink.php, flink_add.php | Friend links, add a link (deletion is recommended, otherwise the template path is easily exposed) | Delete |
| freelist.php | Free list | Delete |
| guestbook.php | Guestbook | Delete |
| list.php | Dynamic browsing of column pages | Retain |
| mytag_js.php | JS call mode for custom tags (if you do not use custom macro tags in the backend, delete it) | Delete |
| qrcode.php | Generates QR codes | Delete |
| recommend.php | Content recommendation | Delete |
| rss.php | RSS list page | Delete |
| search.php | Search | Retain |
| showphoto.php | Shows the large image (used by the atlas/gallery model) | Delete |
| stow.php | Bookmark (collect) articles | Delete |
| view.php | Dynamic browsing of articles | Retain |
| vote.php | Voting | Delete |
3 Change the default admin backend folder name
By default the backend is reached at domain/dede. Change it to another name; the harder it is to guess, the better. A combination of English letters and numbers works well. To change it, simply rename the dede folder.
4 Create a new administrator account in the backend and delete the default admin user
4.1 Create a new administrator account
Click System -> System user management -> Add administrator, fill in the login account, password and other information, and select 'Super administrator' as the user group.
4.2 Delete the default admin user
Click System -> SQL command line tool and run the SQL command: delete from dede_admin where id = 1;
5 Move the data directory outside the web directory
The data directory carries serious security risks, so it needs to be moved outside the site directory. For the specific migration method, see this article: domain name .com/study/78.html
If you really have no way to move it outside the site directory, be sure at least to rename the data directory.
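An added example (not part of the original article and not DedeCMS code): a read-only shell audit that checks a web root against the file-system steps 1, 2, 3 and 5 above and deletes nothing. The function name audit_dedecms and the FAIL/WARN output format are assumptions; the keep-list is the article's five files plus diy.php, which the table marks Retain.

```shell
#!/bin/sh
# Added example: report-only audit of a DedeCMS web root against the checklist.
# Usage: sh audit.sh /path/to/webroot   (exit status 0 means no findings)

# plus/ keep-list: the article's five files, plus diy.php ("Retain" in the table).
PLUS_KEEP="ad_js.php count.php list.php search.php view.php diy.php"

audit_dedecms() {
    root=$1
    findings=0
    # Steps 1, 3 and 5: directories that should be deleted, renamed or relocated.
    for d in install member special dede data; do
        if [ -d "$root/$d" ]; then
            case $d in
                install) echo "FAIL install/ still present: delete it" ;;
                member|special) echo "WARN $d/ present: delete it if unused" ;;
                dede) echo "FAIL backend still uses the default name dede/" ;;
                data) echo "FAIL data/ sits in the web root under its default name" ;;
            esac
            findings=$((findings + 1))
        fi
    done
    # Step 2: any file or folder in plus/ that is not on the keep-list.
    # (The glob skips dot-files; check those separately.)
    if [ -d "$root/plus" ]; then
        for path in "$root"/plus/*; do
            [ -e "$path" ] || continue
            name=${path##*/}
            case " $PLUS_KEEP " in
                *" $name "*) ;;
                *) echo "FAIL plus/$name is not on the keep-list"
                   findings=$((findings + 1)) ;;
            esac
        done
    fi
    echo "findings=$findings"
    [ "$findings" -eq 0 ]
}

# Run only when a web root is passed on the command line.
if [ "$#" -gt 0 ]; then audit_dedecms "$1"; fi
```

Step 4 (the default admin row) lives in the database and is not covered by this check.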
Copyright notice
This article was written by [Flower less venerable]. Please include a link to the original when reposting. Thanks.
https://yzsam.com/2022/04/202204231640530441.html