search
HomeBackend DevelopmentPHP TutorialDedeCMS (Dreamweaver) website server directory security setting experience sharing_PHP tutorial

The current Internet environment is becoming more and more severe. Security has always been an issue that cannot be ignored by program developers and webmasters. How to choose an easy-to-use and safe program and how to build a secure server environment? It has always been something that most webmasters are eager to know. This article combines the server and DedeCms to configure a safe environment.

1. Directory permissions

We do not recommend users to set the column directory in the root directory because it will be very troublesome to set up security in this way. By default, after the installation is completed, the directory setting is as follows:

(1) Data, templets, uploads, a or 5.3 html directory, set read-write, non-executable permissions;

(2) If you don’t need a special topic, it is recommended to delete the special directory. If you need it, you can delete special/index.php after generating HTML and set the directory to read, write, and non-executable permissions;

(3) The include, member, plus, and background management directories are set to executable scripts, which are readable but not writable (if additional modules are installed, the book, ask, company, and group directories are also set in the same way).

2. Other issues that need attention

(1) Although the install directory has been strictly processed, for safety reasons, we still recommend deleting it;

(2) Do not directly use MySQL root user permissions on websites. Set up an independent MySQL user account for each website. The permissions are:

SELECT, INSERT, UPDATE, DELETE
CREATE , DROP , INDEX , ALTER , CREATE TEMPORARY TABLES

Since dede does not use stored procedures anywhere, be sure to disable FILE, EXECUTE, etc. permissions to perform stored procedures or file operations.

3. How to set the permissions of the directory?

For users who know how to use Linux, I believe most of them already know these things. For IIS users, please see the picture below:

3.1 Set the directory to read-only permission

First copy the permissions

Set directory as read-only permission

3.2 Setting the directory does not allow script execution

Another thing to note is that neither IIS nor Apache should add .php and .inc files to mime, otherwise the system will prohibit downloading of these files.

4. Apache site security settings

If you are running Windows 2003, you can perform the following operations on Apache:

4.1 Create an account in the local users and groups in computer management, for example: DedeApache, set the password to DedeApachePWD, and join the guests group (if problems occur, you can grant user permissions);

4.2 Open Start->Administrative Tools->Local Security Policy, select "Log on as a service" in "User Rights Assignment", and add the DedeApache user;

4.3 Select services in computer management, find apache2.2, stop the service first, right-click -> Properties, select login, switch the radio button from the local system account to this account, then search and select DedeApache, enter the password DedeApachePWD , and then click OK (Apache cannot start normally at this time, and generally an error will be reported: Apache2.2 service stopped due to 1 (0x1) service error.);

4.4 Grant the apache installation directory (for example: D:/apache2.2) and the web directory (for example: D:/wwwroot) the read and write permissions of the DedeApache account, and remove all permissions except administrator and system from the root directory of each disk. Grant readable column directory permissions to the apache account in the root directory of the disk where the DedeApache installation directory is located

We can add the following content in the site configuration:

<Directory "D:\dedecms\www\uploads"> 
<FilesMatch ".php"> 
Order Allow,Deny 
Deny from all 
</FilesMatch> 
</Directory> 
<Directory "D:\dedecms\www\data"> 
<FilesMatch ".php"> 
Order Allow,Deny 
Deny from all 
</FilesMatch> 
</Directory> 
<Directory "D:\dedecms\www\templets"> 
<FilesMatch ".php"> 
Order Allow,Deny 
Deny from all 
</FilesMatch> 
</Directory> 
<Directory "D:\dedecms\www\a"> 
<FilesMatch ".php"> 
Order Allow,Deny 
Deny from all 
</FilesMatch> 
</Directory>

This corresponds to canceling the script execution permission of the corresponding directory.

5. Change the data directory path

In addition, in DedeCMS V5.7, users can also set the data directory to the upper level non-web access directory. The basic operation is as follows:

5.1 Move the data directory to the upper level directory, just cut it here;

5.2 Configure the DEDEDATA file in include/common.inc.php

define('DEDEDATA', DEDEROOT.'/data');

can be changed to something like:

define('DEDEDATA', DEDEROOT.'/../../data');

5.3 Set template cache path in the background

Articles you may be interested in

  • How to optimize servers, staticize, database optimization, and load balancing for high-traffic websites to achieve high load
  • dedeCMS Dream Weaver Message Board How to call the website head
  • How to enhance the security of Linux and Unix server systems
  • The role of Xdebug and its installation and configuration details
  • Eight design details of B2C websites
  • Mysql server master-slave database synchronization configuration
  • How to check how many websites are hung on the same server
  • Solution to the DedeTag Engine Create File False error in dedeCMS

www.bkjia.comtruehttp: //www.bkjia.com/PHPjc/764161.htmlTechArticleThe current Internet environment is becoming more and more severe, and security has always been an issue that cannot be ignored by program developers and webmasters. Question, how to choose an easy-to-use, safe program, how to build an...
Statement
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
dedecms怎么增加多语言dedecms怎么增加多语言Feb 27, 2023 am 09:21 AM

dedecms增加多语言的方法:1、进入dedecms后台,创建封面栏目;2、将封面栏目“常规选项”的文件保存目录设置为cn或者en;3、将封面栏目“高级选项”的列表模板设置为“cn_index.htm”或者“en_index.htm”;4、单独调用每种语言的封面栏目和每种语言下的导航栏目即可。

织梦cms是什么语言写的织梦cms是什么语言写的Feb 21, 2023 am 09:45 AM

织梦cms是用PHP语言写的。织梦CMS(DedeCMS)是一个PHP开源网站管理系统,作用是构建中小型网站;它采用PHP+MySQL技术开发,可同时使用于windows、linux、unix平台。

dedecms是什么语言dedecms是什么语言Feb 24, 2023 am 09:46 AM

dedecms是PHP语言开发的;dedecms中文全称是织梦内容管理系统,是一个PHP开源网站管理系统;dedecms基于PHP和MySQL技术开发,可同时使用于Windows、Linux、Unix平台。

dedecms有移动端吗dedecms有移动端吗Mar 02, 2023 am 09:30 AM

dedecms有移动端,其移动端安装方法是:1、将DATA移到根目录外的安全设置,修改“/m/index.php”代码;2、在“更新主页HTML”中,将“选择主页模板”改为“default/index_m.htm”;3、将首页“图文资讯”的url修改为移动端链接;4、设置移动站可通过二级域名访问即可。

dedecms怎么删除栏目dedecms怎么删除栏目Jul 13, 2023 pm 04:31 PM

dedecms删除栏目的方法:1、登录后台管理;2、进入“栏目管理”,可以看到当前网站所有栏目;3、选择要删除的栏目;4、将鼠标悬停在栏目名称上,删除栏目;5、点击“确认”按钮以继续删除操作;6、删除成功。

dedecms缩略图报错怎么办dedecms缩略图报错怎么办Feb 27, 2023 am 09:32 AM

dedecms缩略图报错的解决办法:1、将windows目录设置为user读权限;2、将“windows/Temp”设置为user读写权限;3、找到php.ini中的“upload_tmp_dir”目录,然后去掉前面的分号;4、设置地址,赋予user读写权限即可。

DedeCMS创始人林学(IT 柏拉图)逝世DedeCMS创始人林学(IT 柏拉图)逝世Dec 05, 2022 am 11:54 AM

12 月 3 日下午,DedeCMS 创始人林学(IT 柏拉图)因罹患癌症逝世。林学生于 1979 年 10 月 10 日,于 2004 年 8 月编写的 DedeCMS 至今仍有数十万企业、个人站长使用。

2023年织梦dedeCMS视频教程推荐2023年织梦dedeCMS视频教程推荐Oct 25, 2019 pm 01:56 PM

织梦内容管理系统(DedeCMS) 以简单、实用、开源而闻名,是国内最知名的PHP开源网站管理系统,也是使用用户最多的PHP类CMS系统,在经历多年的发展,目前的版本无论在功能,还是在易用性方面,都有了长足的发展和进步。

See all articles

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

AI Hentai Generator

AI Hentai Generator

Generate AI Hentai for free.

Hot Article

R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)
3 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
R.E.P.O. Best Graphic Settings
3 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
R.E.P.O. How to Fix Audio if You Can't Hear Anyone
3 weeks agoBy尊渡假赌尊渡假赌尊渡假赌

Hot Tools

WebStorm Mac version

WebStorm Mac version

Useful JavaScript development tools

SAP NetWeaver Server Adapter for Eclipse

SAP NetWeaver Server Adapter for Eclipse

Integrate Eclipse with SAP NetWeaver application server.

MantisBT

MantisBT

Mantis is an easy-to-deploy web-based defect tracking tool designed to aid in product defect tracking. It requires PHP, MySQL and a web server. Check out our demo and hosting services.

SublimeText3 Chinese version

SublimeText3 Chinese version

Chinese version, very easy to use

Dreamweaver Mac version

Dreamweaver Mac version

Visual web development tools